Plain text authentication (Windows)

Module: Network Integrity

Supported Platforms: Windows 2000, Windows 2003, Windows 2008, Windows Vista, Windows XP

This check examines the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkStation\Parameters\enableplaintextpassword registry value and reports a problem if the value is 1 (plain text enabled).

The following table lists the error message for the check.

Table: Error message for Plain text authentication

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information

String ID: ESM_PLAIN_TEXT_ENABLED

Category: Change Notification

  • Windows 2000 (106339)

  • Windows 2003 (206339)

  • Windows 2008 (249339)

  • Windows Vista (229339)

  • Windows XP (201339)

Title: Plain text authentication is enabled

Description:Plain text password authentication is enabled. Account passwords are transmitted without encryption. To disable plain text authentication, set the registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation\parameters\enableplaintextpassword to 0. Some third-party applications require plain text authentication.

Severity: yellow-1

Correctable: true

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]