CSCv7|16.5

Title

Encrypt Transmittal of Username and Authentication Credentials

Description

Ensure that all account usernames and authentication credentials are transmitted across networks using encrypted channels.

Reference Item Details

Category: Account Monitoring and Control

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.1 (L1) Ensure 'Enforce password history' is set to '24 or more password(s)'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
1.1.1 (L1) Ensure 'Enforce password history' is set to '24 or more password(s)'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
1.1.1 Ensure 'Enforce password history' is set to '24 or more password(s)'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.3.0
1.1.1 Ensure 'Enforce password history' is set to '24 or more password(s)'WindowsCIS Windows Server 2012 DC L1 v2.2.0
1.1.1 Ensure 'Enforce password history' is set to '24 or more password(s)'WindowsCIS Windows Server 2012 MS L1 v2.2.0
1.1.1 Ensure 'Enforce password history' is set to '24 or more password(s)'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.3.0
1.1.2 (L1) Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
1.1.2 (L1) Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
1.1.2 Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'WindowsCIS Windows Server 2012 DC L1 v2.2.0
1.1.2 Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'WindowsCIS Windows Server 2012 MS L1 v2.2.0
1.1.2 Ensure 'Maximum password age' is set to '365 or fewer days, but not 0'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.3.0
1.1.2 Ensure 'Maximum password age' is set to '365 or fewer days, but not 0'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.3.0
1.1.3 (L1) Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
1.1.3 (L1) Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
1.1.3 Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Windows Server 2012 DC L1 v2.2.0
1.1.3 Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Windows Server 2012 MS L1 v2.2.0
1.1.3 Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.3.0
1.1.3 Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.3.0
1.1.4 (L1) Ensure 'Minimum password length' is set to '14 or more character(s)'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
1.1.4 (L1) Ensure 'Minimum password length' is set to '14 or more character(s)'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)'WindowsCIS Windows Server 2012 MS L1 v2.2.0
1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.3.0
1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)'WindowsCIS Windows Server 2012 DC L1 v2.2.0
1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.3.0
1.1.5 (L1) Ensure 'Password must meet complexity requirements' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
1.1.5 (L1) Ensure 'Password must meet complexity requirements' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
1.1.5 Ensure 'Password must meet complexity requirements' is set to 'Enabled'WindowsCIS Windows Server 2012 MS L1 v2.2.0
1.1.5 Ensure 'Password must meet complexity requirements' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.3.0
1.1.5 Ensure 'Password must meet complexity requirements' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.3.0
1.1.5 Ensure 'Password must meet complexity requirements' is set to 'Enabled'WindowsCIS Windows Server 2012 DC L1 v2.2.0
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
1.1.6 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'WindowsCIS Windows Server 2012 MS L1 v2.2.0
1.1.6 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.3.0
1.1.6 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'WindowsCIS Windows Server 2012 DC L1 v2.2.0
1.1.6 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.3.0
1.2 Ensure modern authentication for Exchange Online is enabledmicrosoft_azureCIS Microsoft 365 Foundations E3 L1 v1.4.0
1.2.3 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.3.0
1.2.3 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'WindowsCIS Windows Server 2012 R2 MS L1 v2.5.0
1.2.3 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'WindowsCIS Microsoft Windows Server 2022 v1.0.0 L1 MS
1.2.3 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'WindowsCIS Microsoft Windows Server 2022 v1.0.0 L1 DC
1.2.3 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'WindowsCIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.0
1.2.3 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'WindowsCIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.0
1.2.3 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'WindowsCIS Windows Server 2012 MS L1 v2.2.0
1.2.3 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'WindowsCIS Windows Server 2012 R2 DC L1 v2.5.0
1.2.3 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'WindowsCIS Windows Server 2012 DC L1 v2.2.0
1.2.3 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.3.0
1.2.3 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'WindowsCIS Microsoft Windows Server 2019 DC L1 v1.3.0
1.2.3 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'WindowsCIS Microsoft Windows Server 2019 MS L1 v1.3.0
1.2.3 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'WindowsCIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.0