e0059e71-73e6-4c05-9f59-b224041025ea
Computer account passwords are changed automatically on a regular basis. Disabling automatic password changes can make the system more vulnerable to malicious access. Frequent password changes can be a significant safeguard for the system. A new password for the computer account will be generated every 30 days.
To fix this configure the policy value for
Computer Configuration
|_ Windows Settings
|_ Security Settings
|_ Local Policies
|_ Security Options
|_ "Domain member: Disable machine account password changes" to "Disabled".
STIG Server:
2022: https://www.stigviewer.com/stig/microsoft_windows_server_2022/2024-06-14/finding/V-254453
2019: https://www.stigviewer.com/stig/microsoft_windows_server_2019/2024-06-14/finding/V-205815 / https://www.stigviewer.com/stig/windows_server_2019/2020-06-15/finding/V-93455
2016: https://www.stigviewer.com/stig/microsoft_windows_server_2016/2024-02-21/finding/V-225032 / https://www.stigviewer.com/stig/windows_server_2016/2020-06-16/finding/V-73639
Desktop:
11: https://www.stigviewer.com/stig/microsoft_windows_11/2024-06-10/finding/V-253441
10: https://www.stigviewer.com/stig/microsoft_windows_10/2024-06-13/finding/V-220917 / https://www.stigviewer.com/stig/windows_10/2021-08-18/finding/V-220917
NIST 800-53: CM-6b.
CAT: III
CCI:CCI-000366
PCI-DSS v4: 10.7, 10.7.1, 10.7.2, 10.7.3
Rule-ID:V-29029r1_rule
STIG-ID:3.044, Vuln-ID|V-1165
MITRE Att&ck: T1098