Accounts must be configured to require password expiration.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-253273 | WN11-00-000090 | SV-253273r1016425_rule | Medium |
| Description |
| Passwords that do not expire increase exposure with a greater probability of being discovered or cracked. |
| STIG | Date |
| Microsoft Windows 11 Security Technical Implementation Guide | 2024-09-12 |
Details
| Check Text (C-56726r828901_chk) |
| Run "Computer Management". Navigate to System Tools >> Local Users and Groups >> Users. Double-click each active account. If "Password never expires" is selected for any account, this is a finding. |
| Fix Text (F-56676r828902_fix) |
| Configure all passwords to expire. Run "Computer Management". Navigate to System Tools >> Local Users and Groups >> Users. Double-click each active account. Ensure "Password never expires" is not checked on all active accounts. |