STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Microsoft Windows 10 Security Technical Implementation Guide

V-220716

CAT II (Medium)

Accounts must be configured to require password expiration.

Rule ID

SV-220716r569187_rule

STIG

Microsoft Windows 10 Security Technical Implementation Guide

Version

V2R9

CCIs

CCI-000199

Discussion

Passwords that do not expire increase exposure with a greater probability of being discovered or cracked.

Check Content

Run "Computer Management".
Navigate to System Tools >> Local Users and Groups >> Users.
Double click each active account.

If "Password never expires" is selected for any account, this is a finding.

Fix Text

Configure all passwords to expire.
Run "Computer Management".
Navigate to System Tools >> Local Users and Groups >> Users.
Double click each active account.
Ensure "Password never expires" is not checked on all active accounts.