Cool Halo Trick #8: ID Accounts without passwords

Problem: I need to do a quick sanity check of all of my servers to ensure every account has an assigned password.

Halo configuration checks can be used to identify accessible accounts that do not have a password assigned.

From the main Halo menu, navigate Policies –> Configuration Policies. You can choose to create a new policy, or modify an existing one.

Add a new rule and give it a descriptive name such as “Verify users have passwords”. Click the “Add New Check” button and select “User Has Password”. You can define specific accounts to check, or use “ALL” to check all system accounts.

Return to the main menu and edit the details for the group you wish to check. Verify that the configuration policy that includes this check has been assigned.

Save any changes and launch a new scan. Accounts that are either locked or have a password assigned will be displayed in green. Accessible accounts without a password will be displayed in red.

Stay up to date

Get the latest news and tips on protecting critical business assets.

Related Posts