UCF STIG Viewer Logo

Use of Microsoft accounts to log on must be blocked.


Overview

Finding ID Version Rule ID IA Controls Severity
V-36771 WN08-SO-000002 SV-48457r2_rule IAIA-1 Medium
Description
Control of logon credentials and the system must be maintained within the enterprise. Linking an account to an outside vendor could provide an opening if the account is compromised.
STIG Date
Windows 8 / 8.1 Security Technical Implementation Guide 2016-12-19

Details

Check Text ( C-45120r2_chk )
Analyze the system using the Security Configuration and Analysis snap-in. (See "Performing Analysis with the Security Configuration and Analysis Snap-in" in the STIG Overview document.)
Expand the Security Configuration and Analysis tree view.
Navigate to Local Policies -> Security Options.

If the value for "Accounts: Block Microsoft accounts" is not set to "Users can't add or log on with Microsoft accounts", this is a finding.
Fix Text (F-41584r2_fix)
Configure the policy value for Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> "Accounts: Block Microsoft accounts" to "Users can't add or log on with Microsoft accounts".