STIG ID: WN10-UC-000015 | SRG: SRG-OS-000095-GPOS-00049 | Severity: low | CCI: | Vulnerability Id: V-220954
Toast notifications that are displayed on the lock screen could display sensitive information to unauthorized personnel. Turning off this feature will limit access to the information to a logged on user.
Configure the policy value for User Configuration >> Administrative Templates >> Start Menu and Taskbar >> Notifications >> "Turn off toast notifications on the lock screen" to "Enabled".
If the following registry value does not exist or is not configured as specified, this is a finding:
Registry Hive: HKEY_CURRENT_USER
Registry Path: \SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\PushNotifications\
Value Name: NoToastApplicationNotificationOnLockScreen
Value Type: REG_DWORD
Value: 1