APPL-14-003012 - The macOS system must disable password hints.

Information

Password hints must be disabled.

Password hints leak information about passwords that are currently in use and can lead to loss of confidentiality.

Solution

Configure the macOS system to disable password hints by installing the "com.apple.loginwindow" configuration profile.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Apple_macOS_14_V2R2_STIG.zip

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-6, CAT|II, CCI|CCI-000206, Rule-ID|SV-259542r958470_rule, STIG-ID|APPL-14-003012, Vuln-ID|V-259542

Plugin: Unix

Control ID: c25c8eb13669a73d7b11c2a16b874ba86701764a2c9ec661c0454b237c51005b