Disable 'Allow Basic authentication' for WinRM Client

Check whether the Windows Remote Management (WinRM) client uses Basic authentication.

Table of Contents

Potential risk

Basic authentication uses plain text passwords that could be used by an attacker to compromise a system.

Remediation options



Option 1 - Set the following Group Policy:

Computer Configuration\Policies\Administrative Templates\Windows Components\Windows Remote Management (WinRM)\WinRM Client\Allow Basic authentication

To the following value: Disabled

Option 2 - Set the following registry value:

HKLM\SOFTWARE\Policies\Microsoft\Windows\WinRM\Client\AllowBasic

To the following REG_DWORD value: 0