Establish secure defaults

Last revision (mm/dd/yy): //

Description
There are many ways to deliver an “out of the box” experience for users. However, by default, the experience should be secure, and it should be up to the user to reduce their security – if they are allowed.

For example, by default, password aging and complexity should be enabled. Users might be allowed to turn these two features off to simplify their use of the application and increase their risk.

Short example name

 * A short example description, small picture, or sample code with links

Short example name

 * A short example description, small picture, or sample code with links

Related Vulnerabilities

 * Vulnerability 1
 * Vulnerabiltiy 2

Related Controls

 * Controls 1
 * Controls 2