PingSentry   |   Discord   |   System32   |   GitHub   |   Free tools

Accounts: The computer account password must not be prevented from being reset

e0059e71-73e6-4c05-9f59-b224041025ea

Computer account passwords are changed automatically on a regular basis. Disabling automatic password changes can make the system more vulnerable to malicious access. Frequent password changes can be a significant safeguard for the system. A new password for the computer account will be generated every 30 days.

Remediation

To fix this configure the policy value for
Computer Configuration
|_ Windows Settings
|_ Security Settings
|_ Local Policies
|_ Security Options
|_ "Domain member: Disable machine account password changes" to "Disabled".

STIG
Server:
2022: https://stigviewer.com/stigs/microsoft_windows_server_2022/2024-06-14/finding/V-254453
2019: https://stigviewer.com/stigs/microsoft_windows_server_2019/2024-06-14/finding/V-205815

Desktop:
11: https://stigviewer.com/stigs/microsoft_windows_11/2024-06-10/finding/V-253441
10: https://stigviewer.com/stigs/microsoft_windows_10/2024-06-13/finding/V-220917

NIST 800-53: CM-6b.
CAT: III
CCI:CCI-000366
PCI-DSS v4: 10.7, 10.7.1, 10.7.2, 10.7.3
Rule-ID:V-29029r1_rule
STIG-ID:3.044, Vuln-ID|V-1165
MITRE Att&ck: T1098



Tags

nist800-53-desktop nist800-53-server stig-low-desktop stig-medium-server pci-dss-v4-desktop pci-dss-v4-server mitre-att-desktop mitre-att-server

Your Privacy Choices

Manage your cookie preferences below:

Helps us improve website performance and understand how visitors use our site.

Allows us to collect feedback about our products and improve them based on your input.

To learn more about our use of cookies, please see our
Privacy Policy.