This setting specifies the period of time (in days) that a PIN can be used before the system requires the user to change it. The PIN can be set to expire after any number of days between 1 and 730, or PINs can be set to never expire if the policy is set to 0.
Default: 0.
Counter Measure:
Configure this setting depending on your organizations requirements.
Potential Impact:
PINs wil ...
This policy setting lets you turn on Content URI Rules to supplement the static Content URI Rules that were defined as part of the app manifest and apply to all Windows Store apps that use the enterpriseAuthentication capability on a computer.
If you enable this policy setting, you can define additional Content URI Rules that all Windows Store apps that use the enterpriseAuthentication capability ...
Windows Mail will not check your newsgroup servers for Communities support.
Fix:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Windows Mail!Turn off the communities features
(2) REG: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Mail!DisableCommunities
This policy setting prevents plaintext PINs from being returned by Credential Manager.
If you enable this policy setting, Credential Manager does not return a plaintext PIN.
If you disable or do not configure this policy setting, plaintext PINs can be returned by Credential Manager.
Note: Enabling this policy setting could prevent certain smart cards from working on Windows. Please consult your ...
When WDigest authentication is enabled, Lsass.exe retains a copy of the user's plaintext password in memory, where it can be at risk of theft. Microsoft recommends disabling WDigest authentication unless it is needed.
If this setting is not configured, WDigest authentication is disabled in Windows 8.1 and in Windows Server 2012 R2; it is enabled by default in earlier versions of Windows ...