1.1.1.9 Set 'Maximum password age' to '60 or fewer days'

Information

This policy setting defines how long a user can use their password before it expires.

Solution

Make sure 'maximum password age' is set to a minimum of 60 days.

See Also

https://workbench.cisecurity.org/files/17

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(1)(d), CSCv6|16.5

Plugin: Windows

Control ID: d9071c818e7fbd5b12b43d1f70f32fe8ee0da12060c9067b0c551e4014c080ee