Check: 5.102
Win7 Audit:
5.102
(in version v1 r16)
Title
This check verifies that Windows is configured to have password protection take effect within a limited time frame when the screen saver becomes active. (Cat III impact)
Discussion
Allowing more than several seconds makes the computer vulnerable to a potential attack from someone walking up to the console to attempt to log onto the system before the lock takes effect.
Check Content
Fix Text
Configure the policy value for Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> “MSS: (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires (0 recommended)” to “5” or less.
Additional Identifiers
Rule ID: SV-25076r1_rule
Vulnerability ID: V-4442
Group Title: Screen Saver Grace Period
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| No CCIs are assigned to this check |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |