PingSentry   |   Discord   |   System32   |   GitHub   |   Free tools

Validation Scripts


Results
Accounts: Administrator accounts must not be enumerated during elevation
Accounts: Automatic logons must be disabled
Accounts: Block Microsoft accounts
Accounts: Deny log on locally user right must be configured to prevent access from highly privileged domain accounts
Accounts: Local Admin accounts must have their privileged token filtered to prevent elevated privileges used over the network
Accounts: Local Guest account should be disabled
Accounts: Enable computer and user accounts to be trusted for delegation user right must not be assigned to any groups or accounts on domain-joined and standalone
Accounts: Enable computer and user accounts to be trusted for delegation user right must only be assigned to the Administrators group on domain controllers
Accounts: Local Administrator account should be disabled
Accounts: Local accounts with blank passwords must be restricted to prevent access from the network
Accounts: Built-in Administrator account must be renamed
Accounts: Built-in Guest account must be renamed
Accounts: Must have the built-in Windows password complexity policy enabled
Accounts: Must require passwords
Accounts: The number of allowed bad logon attempts must be configured to three or less
Accounts: Must have the period of time before the bad logon counter is reset configured to 15 minutes or greater
Accounts: must disable automatically signing in the last interactive user after a system-initiated restart
Accounts: Lockout duration must be configured to 15 minutes or greater
Accounts: UIAccess applications must not be allowed to prompt for elevation without using the secure desktop
Accounts: Reversible password encryption must be disabled
Accounts: Users must be prompted to authenticate when the system wakes from sleep (plugged in)
Accounts: Users must be prompted to authenticate when the system wakes from sleep (on battery)
Accounts: User Account Control (UAC) must be configured to detect application installations and prompt for elevation
Accounts: User Account Control must only elevate UIAccess applications that are installed in secure locations
Accounts: User Account Control (UAC) must virtualize file and registry write failures to per-user locations
Tags

Your Privacy Choices

Manage your cookie preferences below:

Helps us improve website performance and understand how visitors use our site.

Allows us to collect feedback about our products and improve them based on your input.

To learn more about our use of cookies, please see our
Privacy Policy.