Detections
Analytics
WN25-00-000200 - Windows Server 2025 accounts must require passwords.
Information
The lack of password protection enables anyone to gain access to the information system, which opens a backdoor opportunity for intruders to compromise the system as well as other resources. Accounts on a system must require passwords.Solution
Configure all enabled accounts to require passwords.The password required flag can be set by entering the following on a command line: 'Net user [username] /passwordreq:yes', substituting [username] with the name of the user account.
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_Server_2025_V1R1_STIG.zip
Item Details
Audit Name: DISA Microsoft Windows Server 2025 STIG v1r1
Category: IDENTIFICATION AND AUTHENTICATION
References: 800-53|IA-2, CAT|II, CCI|CCI-000764, Rule-ID|SV-278004r1182256_rule, STIG-ID|WN25-00-000200, Vuln-ID|V-278004
Plugin: Windows
Control ID: e80257ebadf94b42437988a5f821938e9fd0b22ee33c43ee708daf04c7ac9183