Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Use of Microsoft accounts to log on must be blocked.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36771 | WN08-SO-000002 | SV-48457r1_rule | IAIA-1 | Medium |
| Description |
|---|
| Control of logon credentials and the system must be maintained within the enterprise. Linking an account to an outside vendor could provide an opening if the account is compromised. |
| STIG | Date |
|---|---|
| Windows 8 Security Technical Implementation Guide | 2014-01-07 |
Details
| Check Text ( C-45120r2_chk ) |
|---|
| Analyze the system using the Security Configuration and Analysis snap-in. (See "Performing Analysis with the Security Configuration and Analysis Snap-in" in the STIG Overview document.) Expand the Security Configuration and Analysis tree view. Navigate to Local Policies -> Security Options. If the value for "Accounts: Block Microsoft accounts" is not set to "Users can't add or log on with Microsoft accounts", this is a finding. |
| Fix Text (F-41584r2_fix) |
|---|
| Configure the policy value for Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> "Accounts: Block Microsoft accounts" to "Users can't add or log on with Microsoft accounts". |