DBMS account passwords should be set to expire every 60 days or more frequently.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-15153 | DG0125-SQLServer9 | SV-19452r1_rule | IAIA-1 IAIA-2 | Medium |
| Description |
|---|
| Unchanged passwords provide a means for compromised passwords to be used for unauthorized access to DBMS accounts over a long time. |
| STIG | Date |
|---|---|
| Microsoft SQL Server 2005 Instance Security Technical Implementation Guide | 2015-04-03 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (F-18422r1_fix) |
|---|
| Set SQL Server logins to check password expiration. ALTER LOGIN [user name] WITH CHECK_EXPIRATION = ON |