V-220704
CAT IWindows 10 systems must use a BitLocker PIN with a minimum length of six digits for pre-boot authentication.
- Ships Affected
- 1
- Total Findings
- 4
- Open
- 0
- Closed
- 4
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding.
For virtual desktop implementations (VDIs) in which the virtual desktop instance is deleted or refreshed upon logoff, this is NA.
For Azure Virtual Desktop (AVD) implementations with no data at rest, this is NA.
Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: \SOFTWARE\Policies\Microsoft\FVE\
Value Name: MinimumPIN
Type: REG_DWORD
Value: 0x00000006 (6) or greater
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> BitLocker Drive Encryption >> Operating System Drives "Configure minimum PIN length for startup" to "Enabled" with "Minimum characters:" set to "6" or greater.
STIG Reference
- STIG
- Microsoft Windows 10 Security Technical Implementation Guide
- Version
- 3
- Release
- 6
- Rule ID
- SV-220704r958552_rule
All Occurrences
This vulnerability appears on 1 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| USNS MONTFORD POINT | T-ESD-1 | MONT-SW-89134_Win10_V3R5_20251217-201218.ckl | Unassigned | 2026-03-04T15:25:42.339596 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | MONT-SW-89108_Win10_V3R5_20251217-203019.ckl | Unassigned | 2026-03-04T15:25:16.342077 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_Win10_V3R4_20251023-141133.ckl | Unassigned | 2026-01-14T12:57:28.689048 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_Win10_V3R4_20251023-142421.ckl | Unassigned | 2026-01-14T12:57:26.690022 | View in Context |