5.8 Disable automatic login

Information

The automatic login feature saves a user's system access credentials and bypasses the login screen, instead the system automatically loads to the user's desktop screen. Disabling automatic login decreases the likelihood of an unauthorized person gaining access to a system.

Solution

Perform the following to implement the prescribed state: Run the following command in Terminal: sudo defaults delete /Library/Preferences/com.apple.loginwindow autoLoginUser Impact: If Automatic login is not disabled an unauthorized user could login without supplying a user password or credential.

See Also

https://workbench.cisecurity.org/files/299

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-14a.

Plugin: Unix

Control ID: 93080154244e5ceaec4c36c5093bf287d20689916e8b3818b1b56ce2a961fce3