Supported authentication schemes must be configured.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-235761 | SRG-APP-000142 | EDGE-00-000048 | SV-235761r960966_rule | 2024-09-13 | 2 |
| Description |
|---|
| This setting specifies which HTTP authentication schemes are supported. The policy can be configured by using these values: "basic", "digest", "ntlm", and "negotiate". Separate multiple values with commas. If this policy is not configured, all four schemes are used. |
| ℹ️ Check |
|---|
| The policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/HTTP authentication/Supported authentication schemes" must be set to "ntlm,negotiate". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "AuthSchemes" is not set to "REG_SZ = ntlm,negotiate", this is a finding. |
| ✔️ Fix |
|---|
| Set the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/HTTP authentication/Supported authentication schemes" to "ntlm,negotiate". |