Detections
Analytics
4.036 - The use of local accounts with blank passwords is not restricted to console logons only.
Information
This is a Category 1 finding because no accounts with blank passwords should exist on a system. The password policy should prevent this from occurring. However, if a local account with a blank password does exist, enabling this setting will limit the account to local console logon only.Solution
Configure the policy value for Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> 'Accounts- Limit local account use of blank passwords to console logon only' to 'Enabled'.See Also
http://iasecontent.disa.mil/stigs/zip/Oct2016/U_Windows_Vista_V6R41_STIG.zip
Item Details
Audit Name: DISA Windows Vista STIG v6r41
Category: CONFIGURATION MANAGEMENT
References: 800-53|CM-6b., CAT|I, CCI|CCI-000366, Rule-ID|SV-29233r1_rule, STIG-ID|4.036, Vuln-ID|V-3344
Plugin: Windows
Control ID: 50bec298341ea0f21427298174da9dbe7a8cd136e853c687b0c25bea25bf1119