Back

Configure the "MSS: (DisableSavePassword) Prevent the dial-up password from being saved (recommended)" to organizational standards.


CONTROL ID
08208
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Configure network protection settings to organizational standards., CC ID: 07601

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • Configure the "MSS: (DisableSavePassword) Prevent the dial-up password from being saved (recommended)" setting to "Not Defined". (A3C1925E-683E-4740-A959-AB5E02C25B2D, WinVistaSP2 Computer Security Compliance, 1.0)
  • Configure the "MSS: (DisableSavePassword) Prevent the dial-up password from being saved (recommended)" setting to "Not Defined". (A8FBD8B9-287F-422C-B022-6C9903E19A24, WinVistaSP2 Computer Security Compliance, 1.0)
  • Configure the "MSS: (DisableSavePassword) Prevent the dial-up password from being saved (recommended)" setting to "Not Defined". (604FD398-CCC3-4B2D-81A6-1999F817891E, WinXPSP3 Computer Security Compliance, 1.0)
  • Configure the "MSS: (DisableSavePassword) Prevent the dial-up password from being saved (recommended)" setting to "Not Defined". (0D624069-6926-42EE-89A7-13E095751A44, WinXPSP3 Computer Security Compliance, 1.0)
  • Configure the "MSS: (DisableSavePassword) Prevent the dial-up password from being saved (recommended)" setting to "Enabled". (C07BA891-F283-40CC-AB1A-1D4828CEB9C3, WS2003SP2 Domain Controller Security Compliance, 1.0)
  • Configure the "MSS: (DisableSavePassword) Prevent the dial-up password from being saved (recommended)" setting to "Enabled". (10A96F9C-3F4B-49B6-93DB-CCF14435FD84, WS2003SP2 Domain Controller Security Compliance, 1.0)
  • Configure the "MSS: (DisableSavePassword) Prevent the dial-up password from being saved (recommended)" setting to "Enabled". (69F599EE-BFF8-4858-9CC1-FCB88482DEF1, WS2003SP2 Member Server Security Compliance, 1.0)
  • Configure the "MSS: (DisableSavePassword) Prevent the dial-up password from being saved (recommended)" setting to "Enabled". (A233B69A-D318-43ED-AF41-C2F4BB3C47CB, WS2003SP2 Member Server Security Compliance, 1.0)
  • Configure the "MSS: (DisableSavePassword) Prevent the dial-up password from being saved (recommended)" setting to "Not Defined". (CCF67488-BDCC-4B4C-980B-BE907F610A4E, WS2008SP2 Domain Controller Security Compliance, 1.0)
  • Configure the "MSS: (DisableSavePassword) Prevent the dial-up password from being saved (recommended)" setting to "Not Defined". (C898B403-B145-4868-8777-5C68150E755F, WS2008SP2 Domain Controller Security Compliance, 1.0)
  • Configure the "MSS: (DisableSavePassword) Prevent the dial-up password from being saved (recommended)" setting to "Not Defined". (7971338A-B77F-4885-A949-579656C91A29, WS2008SP2 Member Server Security Compliance, 1.0)
  • Configure the "MSS: (DisableSavePassword) Prevent the dial-up password from being saved (recommended)" setting to "Not Defined". (10461446-BCB0-42E9-983A-541EE1B114B5, WS2008SP2 Member Server Security Compliance, 1.0)
  • Title: Configure 'MSS: (DisableSavePassword) Prevent the dial-up password from being saved (recommended)' Description: This entry appears as MSS: (DisableSavePassword) Prevent the dial-up password from being saved (recommended) in the SCE. By default, Windows will offer the option to save pas… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.1.2.1.42_Configure_MSS_DisableSavePassword_Prevent_the_dial-up_password_from_being_saved_recommended Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.1.2.1.42.1_, The Center for Internet Security Microsoft Windows Server 2008 Level 1 Domain Controller Benchmark, 2.1.0)
  • Title: Configure 'MSS: (DisableSavePassword) Prevent the dial-up password from being saved (recommended)' Description: This entry appears as MSS: (DisableSavePassword) Prevent the dial-up password from being saved (recommended) in the SCE. By default, Windows will offer the option to save pas… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.1.2.1.42_Configure_MSS_DisableSavePassword_Prevent_the_dial-up_password_from_being_saved_recommended Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.1.2.1.42.2_, The Center for Internet Security Microsoft Windows Server 2008 Level 1 Domain Controller Benchmark, 2.1.0)
  • Title: Configure 'MSS: (DisableSavePassword) Prevent the dial-up password from being saved (recommended)' Description: This entry appears as MSS: (DisableSavePassword) Prevent the dial-up password from being saved (recommended) in the SCE. By default, Windows will offer the option to save pas… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.1.2.1.42_Configure_MSS_DisableSavePassword_Prevent_the_dial-up_password_from_being_saved_recommended Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.1.2.1.42.1_, The Center for Internet Security Microsoft Windows Server 2008 Level 1 Member Server Benchmark, 2.1.0)
  • Title: Configure 'MSS: (DisableSavePassword) Prevent the dial-up password from being saved (recommended)' Description: This entry appears as MSS: (DisableSavePassword) Prevent the dial-up password from being saved (recommended) in the SCE. By default, Windows will offer the option to save pas… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.1.2.1.42_Configure_MSS_DisableSavePassword_Prevent_the_dial-up_password_from_being_saved_recommended Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.1.2.1.42.2_, The Center for Internet Security Microsoft Windows Server 2008 Level 1 Member Server Benchmark, 2.1.0)
  • Disable saving of dial-up passwords should be properly configured. Technical Mechanisms: (1) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Rasman\Parameters\DisableSavePassword Parameters: (1) enabled/disabled References: CCE-156 Disable saving of dial up password (CCE-4010-5, Common Configuration Enumeration List, Combined XML: Windows 2000, 5.20130214)
  • Disable saving of dial-up passwords should be properly configured. Technical Mechanisms: (1) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Rasman\Parameters\DisableSavePassword Parameters: (1) enabled/disabled References: CCE-156 5.4.6.6 ConGp: Prevent the dial-up password from being saved… (CCE-3757-2, Common Configuration Enumeration List, Combined XML: Windows Server 2003, 5.20130214)
  • Disable saving of dial-up passwords should be properly configured. Technical Mechanisms: (1) HKLM\SYSTEM\CurrentControlSet\Services\RasMan\Parameters\DisableSavePassword (2) Computer Configuration\Windows Settings\Local Policies\Security Options\MSS: (DisableSavePassword) Prevent the dial-up passsw… (CCE-7893-1, Common Configuration Enumeration List, Combined XML: Windows Server 2008, 5.20130214)