Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
DBMS account passwords should be set to expire every 60 days or more frequently.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-15153 | DG0125-SQLServer9 | SV-19452r1_rule | IAIA-1 IAIA-2 | Medium |
| Description |
|---|
| Unchanged passwords provide a means for compromised passwords to be used for unauthorized access to DBMS accounts over a long time. |
| STIG | Date |
|---|---|
| Microsoft SQL Server 2005 Instance Security Technical Implementation Guide | 2015-04-03 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (F-18422r1_fix) |
|---|
| Set SQL Server logins to check password expiration. ALTER LOGIN [user name] WITH CHECK_EXPIRATION = ON |