DTOO237 - The remember password for internet e-mail accounts must be disabled.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Use this option to hide your user's ability to cache passwords locally in the computer's registry. When configured, this policy will hide the 'Remember Password' checkbox and not allow users to have Outlook remember their password. Note that POP3, IMAP, and HTTP e-mail accounts are all considered Internet e-mail accounts in Outlook. E-mail account options are listed on the Server Type dialog box when users choose 'New' under Tools | Account Settings.

Solution

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2016 -> Security 'Disable 'Remember password' for Internet e-mail accounts' to 'Enabled'.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Outlook_2016_V2R1_STIG.zip

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5, CAT|II, CCI|CCI-002007, Rule-ID|SV-228437r508021_rule, STIG-ID|DTOO237, STIG-Legacy|SV-85777, STIG-Legacy|V-71153, Vuln-ID|V-228437

Plugin: Windows

Control ID: 494e9f0ca8b6bec7176cd1dbc2384edd14a67448058dc810996d06bc7f649f65