STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Apple macOS 12 (Monterey) Security Technical Implementation Guide

V-252538

CAT III (Low)

The macOS system logon window must be configured to prompt for username and password, rather than show a list of users.

Rule ID

SV-252538r991591_rule

STIG

Apple macOS 12 (Monterey) Security Technical Implementation Guide

Version

V1R9

CCIs

CCI-000366

Discussion

The logon window must be configured to prompt all users for both a username and a password. By default, the system displays a list of known users at the logon screen. This gives an advantage to an attacker with physical access to the system, as the attacker would only have to guess the password for one of the listed accounts.

Check Content

To check if the logon window is configured to prompt for user name and password, run the following command:

/usr/sbin/system_profiler SPConfigurationProfileDataType | /usr/bin/grep SHOWFULLNAME

If there is no result, or "SHOWFULLNAME" is not set to "1", this is a finding.

Fix Text

This setting is enforced using the "Login Window Policy" configuration profile.