2.2.1 (L1) Ensure 'Access Credential Manager as a trusted caller' is set to 'No One' (Automated)
2.2.1 (L1) Ensure 'Access Credential Manager as a trusted caller' is set to 'No One' (Automated)
This user right is used by Credential Manager during Backup/Restore. No accounts should've this privilege, as it's only assigned to Winlogon. Users' saved credentials might be compromised if this privilege is given to other entities.
./Device/Vendor/MSFT/Policy/Config/UserRights/AccessCredentialManagerAsTrustedCaller
Format: chr (string)
Value: No one
YES
User Rights
Access Credential Manager As Trusted Caller
Previous2.2 User Rights AssignmentNext2.2.2 (L1) Ensure 'Access this computer from the network' is set to 'Administrators, Remote Desktop
Last updated