c3b194cc-701a-43f4-bd84-86caada64337
Permitting passwords to be changed in immediate succession within the same day allows users to cycle passwords through their history database. This enables users to effectively negate the purpose of mandating periodic password changes.
To fix this, configure the GPO for:
Computer Configuration
|_ Windows Settings
   |_ Security Settings
      |_ Account Policies
         |_ Password Policy
            |_ Minimum Password Age to at least "1" day.
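To confirm that the GPO has actually taken effect on a host, the following added example (not part of the original finding) exports the effective security policy with secedit.exe and checks MinimumPasswordAge alongside the history size. The function name Get-EffectivePasswordPolicy is hypothetical, and an elevated PowerShell prompt is assumed.

```powershell
# Added example: audit the effective "Minimum password age" on this machine.
# Assumes an elevated prompt; secedit.exe ships with Windows.
function Get-EffectivePasswordPolicy {
    $cfg = Join-Path $env:TEMP ("secpol-{0}.inf" -f [guid]::NewGuid())
    try {
        # Export the effective security policy area to a temporary INF file.
        secedit.exe /export /cfg $cfg /areas SECURITYPOLICY /quiet | Out-Null
        if ($LASTEXITCODE -ne 0) { throw "secedit export failed ($LASTEXITCODE)" }

        $policy = @{}
        foreach ($line in Get-Content -Path $cfg) {
            # Exported lines look like: MinimumPasswordAge = 0
            if ($line -match '^\s*(MinimumPasswordAge|PasswordHistorySize)\s*=\s*(-?\d+)\s*$') {
                $policy[$Matches[1]] = [int]$Matches[2]
            }
        }
        return $policy
    }
    finally {
        # The export can contain other policy settings; do not leave it behind.
        Remove-Item -Path $cfg -ErrorAction SilentlyContinue
    }
}

$p = Get-EffectivePasswordPolicy
if (-not $p.ContainsKey('MinimumPasswordAge')) {
    throw 'MinimumPasswordAge not found in the exported policy'
}

$minAge  = $p['MinimumPasswordAge']
$history = if ($p.ContainsKey('PasswordHistorySize')) { $p['PasswordHistorySize'] } else { 0 }

[pscustomobject]@{
    Computer            = $env:COMPUTERNAME
    MinimumPasswordAge  = $minAge
    PasswordHistorySize = $history
    # With a minimum age of 0 a user can burn through the whole history
    # in one sitting; otherwise it takes at least age * history days.
    MinDaysToCycleBack  = $minAge * $history
    Compliant           = ($minAge -ge 1)
}
```

A result with Compliant set to False and MinDaysToCycleBack of 0 is the condition this finding describes: the history can be exhausted on the same day.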
STIG Server:
2022 - https://www.stigviewer.com/stig/microsoft_windows_server_2022/2022-08-25/finding/V-254290
2019 - https://www.stigviewer.com/stig/windows_server_2019/2020-06-15/finding/V-93471 / https://www.stigviewer.com/stig/microsoft_windows_server_2019/2022-03-01/finding/V-205656
2016 - https://www.stigviewer.com/stig/microsoft_windows_server_2016/2022-03-01/finding/V-224871
STIG Desktop:
W10 - https://www.stigviewer.com/stig/windows_10/2021-08-18/finding/V-220744
W11 - https://www.stigviewer.com/stig/microsoft_windows_11/2022-06-24/finding/V-253302
NIST 800-171 Rev2: 3.5.1, 3.5.2
NIST 800-171A: 3.5.1[a], 3.5.1[b], 3.5.1[c]
CMMC V2.0 v1.02 Mapping: IA.1.076 IA.1.077
CMMC V2.0 Level 1 / 2 / 3: IA.L1-3.5.1, IA.L1-3.5.2
CMMC v1: IA.1.077
AICPA TSC 2017: CC6.1
CIS CSC v8: 5.5, 5.6, 6.7, 12.5
COBIT: DSS05.04
CSA CMM v4: IAM-13 IAM-16
IEC 62443-4-2: CR 1.1 (5.3.1) CR 1.1 (5.3.3(1))
ISO 27002: 5.15
ISO 27018: A.10.10
MPA Content Security Program: DS-10.0 DS-8.0
NIST Privacy Framework v1.0: PR.AC-P1 PR.AC-P6
NIST 800-53: IA-2
NIST 800-82: IA-2
NIST 800-161: IA-2
NIST CSF v1.1: PR.AC-6
PCIDSS v3.2: 8.1.1, 8.2
PCIDSS v4.0: 7.1, 7.2, 7.2.1, 7.3, 7.3.1, 7.3.2, 7.3.3, 8.1, 8.2, 8.3, 8.3.3, 8.3.9
Shared Assessments SIG 2022: H.3
Tisax ISA v5.1.0: 4.1.1
US CERT RMM v1.2: AM:SG1.SP1, ID:SG1.SP1, ID:SG1.SP2, ID:SG1.SP3, TM:SG4.SP4
US FAR 52.204-21: 52.204-21(b)(1)(i), 52.204-21(b)(1)(v), 52.204-21(b)(1)(vi)
US HIPAA: 164.312(a)(2)(i)
US IRS 1075: 9.3.7.2