Check: 3.057
Windows 2003 DC STIG:
3.057
(in version v6 r40)
Title
Reversible password encryption is not disabled. (Cat II impact)
Discussion
Storing passwords using reversible encryption is essentially the same as storing clear-text versions of the passwords. For this reason, this policy should never be enabled.
Check Content
Fix Text
Configure the system to prevent passwords from being saved using reverse encryption.
Additional Identifiers
Rule ID: SV-2372r1_rule
Vulnerability ID: V-2372
Group Title:
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000196 |
The information system, for password-based authentication, stores only cryptographically-protected passwords. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| IA-5(1) |
Password-based Authentication |