Passwords that do not expire increase exposure with a greater probability of being discovered or cracked. NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.
Configure all passwords to expire. Run 'Computer Management'. Navigate to System Tools >> Local Users and Groups >> Users. Double click each active account. Ensure 'Password never expires' is not checked on all active accounts.