Built off the open source project Osquery
Description: Checks for the value of 'LimitBlankPasswordUse' registry key. Recommendation is for the value of this key to be '1' which prevents network connections from accessing the machine using a blank password.
What The Data Shows: Attackers may set this to '0' to and use local accounts to maintain access over the network.
SQL:
SELECT CASE
WHEN 1 THEN "Blank Password Auth via Network Not Possible"
WHEN 0 THEN "Blank Password Auth via Network Possible"
END "LimitBlankPasswordUse"
FROM registry WHERE PATH="HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa";
Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.