Information
This policy setting ensures that all manually managed application account passwords are at least 15 characters in length.
The recommended STIG state for this setting is: 15 characters or more
Rationale:
Application account passwords must be of sufficient length to prevent being easily cracked. Application accounts that are manually managed must have passwords at least 15 characters in length.
Impact:
All manually managed account will need to be at least 15 characters in length.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Establish a policy that requires application/service account passwords that are manually managed to be 15 characters or more in length. Ensure that the policy is enforced.
Default Value:
N/A
Additional Information:
Microsoft Windows Server 2019 Security Technical Implementation Guide:
Version 2, Release 1, Benchmark Date: November 13, 2020
Vul ID: V-205661
Rule ID: SV-205661r569188_rule
STIG ID: WN19-00-000050
Severity: CAT II