STIG V-268512 | The macOS system must disable unatten...

macOS 15 - Sequoia

The macOS system must disable unattended or automatic login to the system

STIG ID: APPL-15-002066 | SRG: SRG-OS-000104-GPOS-00051 | Severity: High | CCI: CCI-000764,CCI-000366 | Vulnerability ID: V-268512

Description

Automatic login must be disabled.When automatic logins are enabled, the default user account is automatically logged on at boot time without prompting the user for a password. Even if the screen is later locked, a malicious user would be able to reboot the computer and find it already logged in. Disabling automatic logins mitigates this risk.Satisfies: SRG-OS-000104-GPOS-00051, SRG-OS-000480-GPOS-00229

Check

C-268512r1034476_chk

Verify the macOS system is configured to disable unattended or automatic login to the system with the following command:/usr/bin/osascript -l JavaScript << EOS$.NSUserDefaults.alloc.initWithSuiteName('com.apple.loginwindow')\.objectForKey('com.apple.login.mcx.DisableAutoLoginClient').jsEOSIf the result is not "true", this is a finding.

Fix

F-72443r1034475_fix

Configure the macOS system to disable unattended or automatic login to the system by installing the "com.apple.loginwindow" configuration profile.