The policy to deny access from the network requires a new registry entry in our CredProv section of the registry
The "Deny access to this computer from the network" policy governs user authentication methods in Windows. This policy is typically a requirement for compliance with CMMC/NIST standards, particularly in high-security environments like air-gapped systems, where stringent access controls are essential. The policy is shown below:
To ensure compliance with this policy, you will need to modify the Windows registry. Navigate to the following registry path:
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\SurePassId\CredProv
Here, you should create a new string value named `ForceLocalAuth` and set its value to "1".
This adjustment will alter how SurePassID processes the initial authentication step (username and password), ensuring that it adheres to the established policy without any violations.