800-53|AC-2(3)

Title

DISABLE INACTIVE ACCOUNTS

Description

The information system automatically disables inactive accounts after [Assignment: organization-defined time period].

Reference Item Details

Category: ACCESS CONTROL

Parent Title: ACCOUNT MANAGEMENT

Family: ACCESS CONTROL

Baseline Impact: MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.2 (L1) Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
1.1.2 (L1) Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
1.1.2 Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'WindowsCIS Windows Server 2012 DC L1 v2.2.0
1.1.2 Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'WindowsCIS Windows Server 2012 MS L1 v2.2.0
1.1.2 Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'WindowsCIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L1 + BL + NG
1.1.2 Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'WindowsCIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L1
1.1.2 Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'WindowsCIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L1 + BL
1.1.2 Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'WindowsCIS Microsoft Windows Server 2019 STIG DC L1 v1.0.1
1.1.2 Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'WindowsCIS Microsoft Windows Server 2019 STIG DC STIG v1.0.1
1.1.2 Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'WindowsCIS Microsoft Windows Server 2016 STIG DC STIG v1.1.0
1.1.2 Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'WindowsCIS Microsoft Windows Server 2016 STIG MS STIG v1.1.0
1.1.2 Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'WindowsCIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L1 + NG
1.1.2 Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'WindowsCIS Microsoft Windows Server 2019 STIG MS STIG v1.0.1
1.1.2 Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'WindowsCIS Microsoft Windows Server 2019 STIG MS L1 v1.0.1
1.1.2 Ensure 'Maximum password age' is set to '365 or fewer days, but not 0'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.3.0
1.1.2 Ensure 'Maximum password age' is set to '365 or fewer days, but not 0'WindowsCIS Windows Server 2012 R2 DC L1 v2.5.0
1.1.2 Ensure 'Maximum password age' is set to '365 or fewer days, but not 0'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.3.0
1.1.2 Ensure 'Maximum password age' is set to '365 or fewer days, but not 0'WindowsCIS Windows Server 2012 R2 MS L1 v2.5.0
1.1.3 (L1) Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
1.1.3 (L1) Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
1.1.3 Ensure 'Maximum password age' is set to '365 or fewer days, but not 0'WindowsCIS Microsoft Windows Server 2016 STIG DC L1 v1.1.0
1.1.3 Ensure 'Maximum password age' is set to '365 or fewer days, but not 0'WindowsCIS Microsoft Windows Server 2016 STIG MS L1 v1.1.0
1.1.3 Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Windows Server 2012 R2 MS L1 v2.5.0
1.1.3 Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Windows Server 2012 R2 DC L1 v2.5.0
1.1.3 Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Windows Server 2012 DC L1 v2.2.0
1.1.3 Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Windows Server 2012 MS L1 v2.2.0
1.1.3 Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L1 + BL + NG
1.1.3 Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L1
1.1.3 Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Microsoft Windows Server 2019 STIG DC L1 v1.0.1
1.1.3 Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Microsoft Windows Server 2019 STIG MS L1 v1.0.1
1.1.3 Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.3.0
1.1.3 Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.3.0
1.1.3 Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L1 + BL
1.1.3 Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L1 + NG
1.1.3 Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Microsoft Windows Server 2019 STIG MS STIG v1.0.1
1.1.3 Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Microsoft Windows Server 2019 STIG DC STIG v1.0.1
1.1.4 Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Microsoft Windows Server 2016 STIG DC L1 v1.1.0
1.1.4 Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Microsoft Windows Server 2016 STIG DC STIG v1.1.0
1.1.4 Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Microsoft Windows Server 2016 STIG MS L1 v1.1.0
1.1.4 Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Microsoft Windows Server 2016 STIG MS STIG v1.1.0
1.3 Ensure guest users are reviewed on a monthly basismicrosoft_azureCIS Microsoft Azure Foundations v1.3.1 L1
1.3.7 Ensure 'Required Password Change Period' is less than or equal to 90 daysPalo_AltoCIS Palo Alto Firewall 9 v1.0.1 L1
1.3.7 Ensure 'Required Password Change Period' is less than or equal to 90 daysPalo_AltoCIS Palo Alto Firewall 10 v1.0.0 L1
1.12 Ensure credentials unused for 45 days or greater are disabledamazon_awsCIS Amazon Web Services Foundations L1 1.4.0
10.5 Lock Inactive User AccountsUnixCIS Debian Linux 7 L1 v1.0.0
10.5 Lock Inactive User AccountsUnixCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0
17.1.1 (L1) Ensure 'Audit Credential Validation' is set to 'Success and Failure'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
17.1.1 (L1) Ensure 'Audit Credential Validation' is set to 'Success and Failure'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'WindowsCIS Windows Server 2012 DC L1 v2.2.0
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'WindowsCIS Windows Server 2012 MS L1 v2.2.0