Issue:
* The message "Policy does not require the password" is seen next to the user properties under the device status in the Elements Security Center. What goes wrong with the user on the device in this case?
* The issue "Device at risk due to accounts for which password is not required" is showing up in the dashboard in the Elements Security Center. How can I get this fixed?
Resolution:
The message "Policy does not require the password" is showing up under the device status if the local user is not subject to the password policy regarding the length of password. We do not have the option to hide this issue in the portal without fixing this.
In this case, the local user can have a shorter password than it is required, or it may even have no password at all. You need to check and tweak the UserAccountControl attribute of the user to remove the flag "UF_PASSWD_NOTREQD" if it is found.
You may run the following command to validate the flag of the local user:
net user <username>
If password required flag is "NO" for the user, run the following command to fix it:
net user <username> /passwordreq:yes
We would recommend to get this fix soon as possible to avoid any password leak and other potential issues.
Article no: 000043081