Passwords for the built-in Administrator account must be changed regularly.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| WN12-00-000007 | WN12-00-000007 | WN12-00-000007_rule | Medium |
| Description |
|---|
| The longer a password is in use, the greater the opportunity for someone to gain unauthorized knowledge of the password. Passwords for the built-in Administrator account must be changed at least annually or when any member of the administrative team leaves the organization. |
| STIG | Date |
|---|---|
| Microsoft Windows Server 2012 Member Server Security Technical Implementation Guide | 2013-07-25 |
Details
| Check Text ( C-WN12-00-000007_chk ) |
|---|
| Determine whether the site has a policy that requires the built-in Administrator account passwords to be changed at least annually or when any member of the administrative team leaves the organization. If there is no policy, this is a finding. |
| Fix Text (F-WN12-00-000007_fix) |
|---|
| Define a policy that requires the default administrator passwords to be changed at least annually or when any member of the administrative team leaves the organization. Ensure the policy is implemented. |