a115da09-58b1-40dd-85ca-6f6e4cac977d
The username is one part of logon credentials that could be used to gain access to a system. Preventing the enumeration of users limits this information to authorized personnel.
To fix this configure the policy value for
Computer Configuration
|_ Administrative Templates
|_ System
|_ Logon
|_ "Enumerate local users on domain-joined computers" to "Disabled".
STIG: Server:
2022: https://www.stigviewer.com/stig/microsoft_windows_server_2022/2023-09-11/finding/V-254430
2019: https://www.stigviewer.com/stig/windows_server_2019/2020-06-15/finding/V-93419 / https://www.stigviewer.com/stig/microsoft_windows_server_2019/2023-09-11/finding/V-205696
2016: https://www.stigviewer.com/stig/microsoft_windows_server_2016/2023-08-22/finding/V-225009 / https://www.stigviewer.com/stig/windows_server_2016/2020-06-16/finding/V-73533
Desktop:
W11: https://www.stigviewer.com/stig/microsoft_windows_11/2023-09-29/finding/V-253379
W10: https://www.stigviewer.com/stig/microsoft_windows_10/2023-09-29/finding/V-220820 / https://www.stigviewer.com/stig/windows_10/2021-08-18/finding/V-220820
Nist 800-53: AC-6(10)
Nist 800-171: 3.1.7