STIG ID: APPL-14-002190 | SRG: SRG-OS-000095-GPOS-00049 | Severity: medium | CCI: | Vulnerability Id: V-259527
Password Autofill must be disabled.
macOS allows users to save passwords and use the Password Autofill feature in Safari and compatible
apps. To protect against malicious users gaining access to the system, this feature must be disabled to
prevent users from being prompted to save passwords in applications.
Configure the macOS system to disable password autofill by installing
the "com.apple.applicationaccess" configuration profile.
Verify the macOS system is configured to disable password autofill with the following
command:
/usr/bin/osascript -l JavaScript << EOS
$.NSUserDefaults.alloc.initWithSuiteName('com.apple.applicationaccess')\
.objectForKey('allowPasswordAutoFill').js
EOS
If the result is not "false", this is a finding.