Accounts: Limit local account use of blank passwords to console logon only

Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options


Determines whether remote interactive logons by network services such as Terminal Services, Telnet, and FTP are allowed for local accounts that have blank passwords. If this setting is enabled, a local account must have a nonblank password to be used to perform an interactive logon from a remote client.

Default: Enabled



This setting does not affect interactive logons that are performed physically at the console.

This setting does not affect logons that use domain accounts.

It is possible for applications that use remote interactive logons to bypass this setting.

For more information, see:

Security Configuration Manager Tools

© 2017 Microsoft Corporation. All rights reserved. Contact Us |Terms of Use |Trademarks |Privacy & Cookies