Check: 3.122
Windows Vista STIG:
3.122
(in versions v6 r42 through v6 r41)
Title
Administrator Passwords are changed when necessary. (Cat II impact)
Discussion
This check verifies that the passwords for the default and backup administrator accounts are changed at least annually or when any member of the administrative team leaves the organization.
Check Content
Interview the SA or IAM to determine if the site has a policy that requires the default and backup admin passwords to be changed at least annually or when any member of the administrative team leaves the organization.
Fix Text
Define a policy for required password changes for the default and backup admin account.
Additional Identifiers
Rule ID: SV-29749r1_rule
Vulnerability ID: V-14225
Group Title: Administrator Account Password Changes
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000366 |
The organization implements the security configuration settings. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| CM-6 |
Configuration Settings |