Unix Security Analyzer Help
Disable Accounts Due to Inactivity
The more accounts on a computer system, the higher the risk of unauthorized activity. This is due to the potential for unauthorized activity going unnoticed and the higher likelihood of weak passwords. Unused accounts are also good candidates for brute force attacks on systems that report the last logon attempt or lock out accounts after a set number of failed logon attempts.
In addition, unused accounts often belong to terminated users. When accounts are disabled automatically due to inactivity, the accounts of terminated users who "slip through the cracks" of a termination process are disabled as well. Given that Unix accounts are often missed in manual termination checklist processes, an automated process is an excellent mitigating control.
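One way to audit this control, as an added example that is not part of the original help page or the analyzer's own code: it reads shadow-format lines and flags accounts that can log in but have no effective inactivity limit. It assumes Linux shadow(5) semantics, where field 7 counts days after password expiry, and policy bounds of 5 to 90 days; the function names and sample accounts are constructed.

```shell
#!/bin/sh
# Assumed policy bounds (days) for the shadow(5) inactivity field.
MIN_DAYS=5
MAX_DAYS=90

# Reads shadow-format lines on stdin and prints "user:finding" per problem.
audit_inactive() {
    awk -F: -v min="$MIN_DAYS" -v max="$MAX_DAYS" '
        # Accounts whose hash starts with ! or * cannot log in with a password.
        $2 ~ /^[!*]/ { next }
        # Field 7 empty: the account is never disabled for inactivity.
        $7 == "" { print $1 ":no-inactivity-limit"; next }
        # Field 7 set, but outside the assumed policy bounds.
        $7 + 0 < min || $7 + 0 > max { print $1 ":out-of-range(" $7 ")"; next }
        # On Linux the inactivity clock starts at password expiry (field 5),
        # so a password that never expires means the limit never triggers.
        $5 == "" || $5 + 0 >= 99999 { print $1 ":password-never-expires" }
    '
}

# Constructed sample data in shadow(5) format (not real accounts or hashes).
sample_shadow() {
    cat <<'EOF'
root:$6$constructed$hashA:19000:0:99999:7:::
alice:$6$constructed$hashB:19000:0:90:7:30::
bob:$6$constructed$hashC:19000:0:90:7:::
carol:$6$constructed$hashD:19000:0:90:7:365::
daemon:*:19000:0:99999:7:::
dave:!$6$constructed$hashE:19000:0:90:7:::
erin:$6$constructed$hashF:19000:0:99999:7:30::
EOF
}

# Demo run on the sample; on a live system: audit_inactive < /etc/shadow (as root).
sample_shadow | audit_inactive
```

Some other Unix variants measure the same field from the last login instead of from password expiry, so check the local shadow manual page before relying on the last finding.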
5-90