CSCv7|16.4

Title

Encrypt or Hash all Authentication Credentials

Description

Encrypt or hash with a salt all authentication credentials when stored.

Reference Item Details

Reference: CIS Critical Security Controls v7

Category: Account Monitoring and Control

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.1.2 Ensure that the --basic-auth-file argument is not set	Unix	CIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.1.2 Ensure that the --basic-auth-file argument is not set	Unix	CIS Kubernetes 1.13 Benchmark v1.4.0 L1
1.1.6 (L1) Ensure 'Relax minimum password length limits' is set to 'Enabled'	Windows	CIS Microsoft Windows 11 Enterprise v3.0.0 L1 + BL
1.1.6 (L1) Ensure 'Relax minimum password length limits' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1
1.1.6 (L1) Ensure 'Relax minimum password length limits' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise v3.0.0 L1
1.1.6 (L1) Ensure 'Relax minimum password length limits' is set to 'Enabled'	Windows	CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BL
1.1.6 (L1) Ensure 'Relax minimum password length limits' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG
1.1.6 (L1) Ensure 'Relax minimum password length limits' is set to 'Enabled'	Windows	CIS Microsoft Windows 11 Enterprise v3.0.0 L1
1.1.6 (L1) Ensure 'Relax minimum password length limits' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL
1.1.6 (L1) Ensure 'Relax minimum password length limits' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL + NG
1.1.6 (L1) Ensure 'Relax minimum password length limits' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + NG
1.1.6 (L1) Ensure 'Relax minimum password length limits' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1
1.1.6 (L1) Ensure 'Relax minimum password length limits' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NG
1.1.6 (L1) Ensure 'Relax minimum password length limits' is set to 'Enabled'	Windows	CIS Microsoft Windows 11 Stand-alone v3.0.0 L1
1.1.6 (L1) Ensure 'Relax minimum password length limits' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2019 v3.0.0 L1 Domain Controller
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2019 v3.0.0 L1 Member Server
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Windows Server 2012 DC L1 v3.0.0
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Microsoft Windows 10 Enterprise (Release 1803) v1.5.0 Level 1
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2016 v3.0.0 L1 MS
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Windows Server 2012 R2 MS L1 v3.0.0
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Windows Server 2012 R2 DC L1 v3.0.0
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2016 v3.0.0 L1 DC
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2019 v3.0.1 L1 DC
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Microsoft Windows 8.1 v2.4.0 L1
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2019 v3.0.1 L1 MS
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Windows Server 2012 MS L1 v3.0.0
1.1.6 Ensure 'Relax minimum password length limits' is set to 'Enabled'	Windows	CIS Microsoft Windows 11 Stand-alone v1.0.0 L1 + BL + NG
1.1.6 Ensure 'Relax minimum password length limits' is set to 'Enabled'	Windows	CIS Microsoft Windows 11 Enterprise v2.0.0 L1 + BL
1.1.6 Ensure 'Relax minimum password length limits' is set to 'Enabled'	Windows	CIS Microsoft Windows 11 Stand-alone v2.0.0 L1
1.1.6 Ensure 'Relax minimum password length limits' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Stand-alone v2.0.0 L1 + BL
1.1.6 Ensure 'Relax minimum password length limits' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise v2.0.0 L1
1.1.6 Ensure 'Relax minimum password length limits' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise v2.0.0 L1 + BL
1.1.6 Ensure 'Relax minimum password length limits' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise (Release 21H1) v1.11.0 L1
1.1.6 Ensure 'Relax minimum password length limits' is set to 'Enabled'	Windows	CIS Microsoft Windows 11 Enterprise v1.0.0 L1 + BL
1.1.6 Ensure 'Relax minimum password length limits' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise (Release 21H1) v1.11.0 L1 + NG
1.1.6 Ensure 'Relax minimum password length limits' is set to 'Enabled'	Windows	CIS Microsoft Windows 11 Enterprise v1.0.0 L1 + BL + NG
1.1.6 Ensure 'Relax minimum password length limits' is set to 'Enabled'	Windows	CIS Microsoft Windows 11 Stand-alone v1.0.0 L1 + NG
1.1.12 Ensure that password hash sync is enabled for hybrid deployments	microsoft_azure	CIS Microsoft 365 Foundations E3 L1 v2.0.0
1.1.20 Ensure that the --token-auth-file parameter is not set	Unix	CIS Kubernetes 1.13 Benchmark v1.4.0 L1
1.1.20 Ensure that the --token-auth-file parameter is not set	Unix	CIS Kubernetes 1.13 Benchmark v1.4.1 L1

Detections

Analytics

CSCv7|16.4

Title

Description

Reference Item Details

Audit Items