Account with Possible Empty Password

high

Description

An account configured with an optional password at creation or password reset can have an empty password (i.e., no password is required to log in), which exposes it to compromise.

Solution

Check that all Active Directory accounts are configured to disallow blank passwords, especially privileged accounts.
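One way to run this check, as an added example that is not part of the original page or the product's own code: the script lists user accounts whose userAccountControl has the PASSWD_NOTREQD bit (0x0020) set and puts privileged, enabled accounts first. It assumes the RSAT ActiveDirectory module and read access to the domain. The function name Get-EmptyPasswordRisk, the use of adminCount = 1 as the marker for "privileged", and the sample accounts used when the module is absent are assumptions made for the illustration.

```powershell
# Added example: audit accounts that may have an empty password.
$PASSWD_NOTREQD = 0x0020   # userAccountControl bit: password not required
$ACCOUNTDISABLE = 0x0002   # userAccountControl bit: account disabled

function Get-EmptyPasswordRisk {   # hypothetical helper name
    param([Parameter(ValueFromPipeline)]$Account)
    process {
        $uac = [int]$Account.userAccountControl
        # Skip accounts that do not carry the flag.
        if (($uac -band $PASSWD_NOTREQD) -eq 0) { return }
        [pscustomobject]@{
            SamAccountName = $Account.SamAccountName
            Enabled        = (($uac -band $ACCOUNTDISABLE) -eq 0)
            # Assumption: adminCount = 1 is used as the "privileged" marker.
            Privileged     = ($Account.adminCount -eq 1)
            UAC            = '0x{0:X4}' -f $uac
        }
    }
}

if (Get-Module -ListAvailable -Name ActiveDirectory) {
    Import-Module ActiveDirectory
    # Bitwise-AND matching rule: the domain controller returns only user
    # objects with bit 32 (PASSWD_NOTREQD) set.
    $filter = '(&(objectCategory=person)(objectClass=user)' +
              '(userAccountControl:1.2.840.113556.1.4.803:=32))'
    $accounts = Get-ADUser -LDAPFilter $filter -Properties userAccountControl, adminCount
} else {
    # Constructed sample data so the decoding logic can be run offline.
    $accounts = @(
        [pscustomobject]@{ SamAccountName = 'svc-backup'; userAccountControl = 0x0220; adminCount = 1 }
        [pscustomobject]@{ SamAccountName = 'j.doe';      userAccountControl = 0x0200; adminCount = $null }
        [pscustomobject]@{ SamAccountName = 'old-kiosk';  userAccountControl = 0x0222; adminCount = $null }
    )
}

$findings = $accounts | Get-EmptyPasswordRisk | Sort-Object -Property `
    @{ Expression = 'Privileged'; Descending = $true },
    @{ Expression = 'Enabled';    Descending = $true },
    SamAccountName
$findings | Format-Table -AutoSize

# Remediation, after reviewing each finding (left commented out on purpose).
# Clearing the flag does not change the current password; reset it
# separately if it may be blank.
# $findings | ForEach-Object {
#     Set-ADUser -Identity $_.SamAccountName -PasswordNotRequired $false
# }
```

With the constructed sample, svc-backup (privileged, enabled) is listed first, old-kiosk (disabled) second, and j.doe is not reported because its value 0x0200 does not include the flag.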

See Also

How to use the UserAccountControl flags to manipulate user account properties

Indicator Details

Name: Account with Possible Empty Password

Codename: C-PASSWORD-NOT-REQUIRED

Severity: High

MITRE ATT&CK Information:

Tactics: TA0004, TA0001

Techniques: T1078