[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Minimum Password Age

ID: oval:gov.nist.usgcb.windowsseven:def:6Date: (C)2012-04-13   (M)2023-07-14
Class: COMPLIANCEFamily: windows




This security setting determines the period of time (in days) that a password must be used before the user can change it. You can set a value between 1 and 998 days, or you can allow changes immediately by setting the number of days to 0. The minimum password age must be less than the Maximum password age, unless the maximum password age is set to 0, indicating that passwords will never expire. If the maximum password age is set to 0, the minimum password age can be set to any value between 0 and 998. Configure the minimum password age to be more than 0 if you want Enforce password history to be effective. Without a minimum password age, users can cycle through passwords repeatedly until they get to an old favorite. The default setting does not follow this recommendation, so that an administrator can specify a password for a user and then require the user to change the administrator-defined password when the user logs on. If the password history is set to 0, the user does not have to choose a new password. For this reason, Enforce password history is set to 1 by default. Default: 1 on domain controllers. 0 on stand-alone servers. Note: By default, member computers follow the configuration of their domain controllers. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy\Minimum password age (2) REG: INFO NOT AVAILABLE

Platform:
Microsoft Windows 7
Reference:
CCE-9330-2
CPE    1
cpe:/o:microsoft:windows_7
CCE    1
CCE-9330-2
XCCDF    11
xccdf_org.secpod_benchmark_Windows_7
xccdf_org.secpod_benchmark_general_Windows_7
xccdf_org.secpod_benchmark_HIPAA_45CFR_164_Windows_7
xccdf_nist_benchmark_Windows_7
...

© SecPod Technologies