STIGQter: STIG Summary: Windows 2008 Member Server Security Technical Implementation Guide Version: 6 Release: 43 Benchmark Date: 26 Jul 2019: The Windows 2008 password for the built-in Administrator account must be changed at least annually or when a member of the administrative team leaves the organization.SV-29750r2_rule
V-14225
Administrator Account Password Changes
3.122
CAT II
10
Change the built-in Administrator account password at least annually or whenever an administrator leaves the organization. More frequent changes are recommended.
Automated tools, such as Microsoft's LAPS, may be used on domain-joined member servers to accomplish this.
Review the password last set date for the built-in Administrator account.
Open "Windows PowerShell" or "Command Prompt".
Enter 'Net User [account name] | Find /i "Password Last Set"', where [account name] is the name of the built-in Administrator account.
(The name of the built-in Administrator account must be changed to something other than "Administrator" per STIG requirements.)
If the "PasswordLastSet" date is greater than one year old, this is a finding.
V-14225
False
3.122
Review the password last set date for the built-in Administrator account.
Open "Windows PowerShell" or "Command Prompt".
Enter 'Net User [account name] | Find /i "Password Last Set"', where [account name] is the name of the built-in Administrator account.
(The name of the built-in Administrator account must be changed to something other than "Administrator" per STIG requirements.)
If the "PasswordLastSet" date is greater than one year old, this is a finding.
M
Information Assurance Officer
1340