STIGQter: STIG Summary: Windows 2008 Member Server Security Technical Implementation Guide, Version: 6, Release: 43, Benchmark Date: 26 Jul 2019

The Windows 2008 password for the built-in Administrator account must be changed at least annually or when a member of the administrative team leaves the organization.

DISA Rule

SV-29750r2_rule

Vulnerability Number

V-14225

Group Title

Administrator Account Password Changes

Rule Version

3.122

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Change the built-in Administrator account password at least annually or whenever an administrator leaves the organization. More frequent changes are recommended.

Automated tools, such as Microsoft's LAPS, may be used on domain-joined member servers to accomplish this.

Check Contents

Review the password last set date for the built-in Administrator account.

Open "Windows PowerShell" or "Command Prompt".

Enter 'Net User [account name] | Find /i "Password Last Set"', where [account name] is the name of the built-in Administrator account.

(The name of the built-in Administrator account must be changed to something other than "Administrator" per STIG requirements.)

If the "Password Last Set" date is more than one year old, this is a finding.
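
The check above can also be scripted so that it does not depend on knowing the renamed account's name. The following is an added example, not part of the STIG text: it finds the built-in Administrator by its well-known RID (500) and reads the password age through the WinNT ADSI provider. The 365-day threshold and the variable names are assumptions made for illustration.

```powershell
# Added example (not from the STIG): report the password age of the built-in
# Administrator account on the local server, regardless of what it was renamed to.
# Written for PowerShell 2.0, so it avoids newer cmdlets such as Get-LocalUser.

$maxAgeDays = 365   # assumption: "one year" from the check text, taken as 365 days

# The built-in Administrator keeps a SID ending in -500 even after it is renamed.
# LocalAccount=True keeps the query from enumerating domain accounts.
$acct = Get-WmiObject -Class Win32_UserAccount -Filter "LocalAccount=True" |
    Where-Object { $_.SID -match '^S-1-5-21-.*-500$' }

if (-not $acct) {
    throw "No local account with RID 500 was found on $env:COMPUTERNAME."
}

# The WinNT provider exposes PasswordAge as seconds since the last password change.
$user       = [ADSI]("WinNT://{0}/{1},user" -f $env:COMPUTERNAME, $acct.Name)
$ageSeconds = [double]$user.PasswordAge.Value
$lastSet    = (Get-Date).AddSeconds(-$ageSeconds)
$ageDays    = [math]::Floor($ageSeconds / 86400)

# Apply the rule: a password older than one year is a finding.
$status = if ($ageDays -gt $maxAgeDays) { 'Finding' } else { 'Not a finding' }

New-Object PSObject -Property @{
    Account         = $acct.Name
    SID             = $acct.SID
    PasswordLastSet = $lastSet
    AgeDays         = $ageDays
    Status          = $status
} | Select-Object Account, SID, PasswordLastSet, AgeDays, Status
```

The reported PasswordLastSet value should match the "Password last set" line that 'Net User' prints for the same account.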

Documentable

False

Severity Override Guidance

Review the password last set date for the built-in Administrator account.

Open "Windows PowerShell" or "Command Prompt".

Enter 'Net User [account name] | Find /i "Password Last Set"', where [account name] is the name of the built-in Administrator account.

(The name of the built-in Administrator account must be changed to something other than "Administrator" per STIG requirements.)

If the "Password Last Set" date is more than one year old, this is a finding.

Check Content Reference

M

Responsibility

Information Assurance Officer

Target Key

1340
