Windows 11 • Release: 6 Benchmark Date: 05 Jan 2026

CAT II V-253273 WN11-00-000090

Accounts must be configured to require password expiration.

Documentable No
Rule ID SV-253273r1051040_rule
CCI References
CCI-004066CCI-000199

Discussion

Passwords that do not expire increase exposure with a greater probability of being discovered or cracked.

Check Procedure

Run "Computer Management".
Navigate to System Tools >> Local Users and Groups >> Users.
Double-click each active account.

If "Password never expires" is selected for any account, this is a finding.

Fix Action

Configure all passwords to expire.
Run "Computer Management".
Navigate to System Tools >> Local Users and Groups >> Users.
Double-click each active account.
Ensure "Password never expires" is not checked on all active accounts.