WN16-CC-000370 - Passwords must not be saved in the Remote Desktop Client.

Information

Saving passwords in the Remote Desktop Client could allow an unauthorized user to establish a remote desktop session to another system. The system must be configured to prevent users from saving passwords in the Remote Desktop Client.

Satisfies: SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPOS-00156

Solution

Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Remote Desktop Services >> Remote Desktop Connection Client >> 'Do not allow passwords to be saved' to 'Enabled'.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_Server_2016_V2R9_STIG.zip

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-11, CAT|II, CCI|CCI-002038, Rule-ID|SV-224944r1001261_rule, STIG-ID|WN16-CC-000370, STIG-Legacy|SV-88231, STIG-Legacy|V-73567, Vuln-ID|V-224944

Plugin: Windows

Control ID: 5f23632cc755cfb824033e52e7ee875e4384c4bca5bb127801df75759cfa3ee0