WN22-00-000200 - Windows Server 2022 accounts must require passwords.

Information

The lack of password protection enables anyone to gain access to the information system, which opens a backdoor opportunity for intruders to compromise the system as well as other resources. Accounts on a system must require passwords.

Solution

Configure all enabled accounts to require passwords.

The password required flag can be set by entering the following on a command line: 'Net user [username] /passwordreq:yes', substituting [username] with the name of the user account.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_Server_2022_V1R3_STIG.zip

Item Details

References: CAT|II, CCI|CCI-000764, Rule-ID|SV-254257r848587_rule, STIG-ID|WN22-00-000200, Vuln-ID|V-254257

Plugin: Windows

Control ID: cf951ee726472bb4c0fb710d0221ddad319ce322b4b7e01b6c997db6821d1ed7