UCF STIG Viewer Logo

Supported authentication schemes must be configured.


Overview

Finding ID Version Rule ID IA Controls Severity
V-235761 EDGE-00-000048 SV-235761r766865_rule Medium
Description
This setting specifies which HTTP authentication schemes are supported. The policy can be configured by using these values: "basic", "digest", "ntlm", and "negotiate". Separate multiple values with commas. If this policy is not configured, all four schemes are used.
STIG Date
Microsoft Edge Security Technical Implementation Guide 2021-06-23

Details

Check Text ( C-38980r766864_chk )
The policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/HTTP authentication/Supported authentication schemes" must be set to "ntlm,negotiate".

Use the Windows Registry Editor to navigate to the following key:
HKLM\SOFTWARE\Policies\Microsoft\Edge

If the value for "AuthSchemes" is not set to "REG_SZ = ntlm,negotiate", this is a finding.
Fix Text (F-38943r626480_fix)
Set the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/HTTP authentication/Supported authentication schemes" to "ntlm,negotiate".