diff --git a/roles/cis_baseline/README.md b/roles/cis_baseline/README.md
index 26a8900..2900bb9 100644
--- a/roles/cis_baseline/README.md
+++ b/roles/cis_baseline/README.md
@@ -8,6 +8,7 @@ Due to missing packages or capabilities related to Arch Linux, the following chapters and controls have not yet been implemented:
 * 1.3 Filesystem Integrity Checking (missing and broken AIDE packages)
+* 1.4.4 Interactive Boot Disabling (not supported for systemd-boot)
 ## Example Playbook
diff --git a/roles/cis_baseline/molecule/default/tests/1_4_boot_settings.yml b/roles/cis_baseline/molecule/default/tests/1_4_boot_settings.yml
index 7f553d1..6c3e36f 100644
--- a/roles/cis_baseline/molecule/default/tests/1_4_boot_settings.yml
+++ b/roles/cis_baseline/molecule/default/tests/1_4_boot_settings.yml
@@ -22,6 +22,12 @@
 when: ansible_connection not in ["container", "docker", "community.docker.docker"]
 # 1.4.3 Ensure authentication required for single user mode (Scored)
+- name: 1.4.3 test if root password is set
+  ansible.builtin.command:
+    cmd: grep '^root:[*\!]:' /etc/shadow
+  register: out
+  changed_when: false
+  failed_when: out.stdout_lines | length > 0
 # 1.4.4 Ensure interactive boot is not enabled (Not Scored)
 #
diff --git a/roles/cis_baseline/tasks/1_4_boot_settings.yml b/roles/cis_baseline/tasks/1_4_boot_settings.yml
index 77f7997..6e774bc 100644
--- a/roles/cis_baseline/tasks/1_4_boot_settings.yml
+++ b/roles/cis_baseline/tasks/1_4_boot_settings.yml
@@ -24,6 +24,14 @@
 ansible_connection not in ["container", "docker", "community.docker.docker"]
 # 1.4.3 Ensure authentication required for single user mode (Scored)
+- name: 1.4.3 ensure root password is set
+  ansible.builtin.command:
+    cmd: grep '^root:[*\!]:' /etc/shadow
+  register: out
+  changed_when: false
+  failed_when: out.stdout_lines | length > 0
+  when: not '1.4.3' in cis_baseline_ignored_rules
 # 1.4.4 Ensure interactive boot is not enabled (Not Scored)
+#
 # Not available for systemd-boot
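Review bot: The grep in `cmd:` only matches a root entry whose password field is exactly one `*` or `!`, so an empty password field (`root::`) and the common locked forms `!!`, `!*` or `!$6$…` all pass the check, and because `failed_when` inspects only stdout, a grep exit status of 2 (for example /etc/shadow unreadable when the play runs without become) also passes silently. Testing the exit status is more robust and keeps the shadow line out of the registered result: `cmd: grep -Eq '^root:([!*][^:]*)?:' /etc/shadow` with `failed_when: out.rc != 1`. Note that `\!` inside a bracket expression is a literal backslash in POSIX grep, not an escape, so the current class also matches a `\` password field. The same pattern and failed_when appear in the tasks/1_4_boot_settings.yml hunk of this commit and should change together so the molecule test keeps verifying what the task enforces.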
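Review bot: The guard `when: not '1.4.3' in cis_baseline_ignored_rules` reads more naturally in the idiomatic Jinja form `when: "'1.4.3' not in cis_baseline_ignored_rules"`, which also avoids a plain YAML scalar starting with `not` followed by a quoted fragment. If the other rule guards in this role already use the `not X in Y` form, keep it for consistency rather than changing only this task; that cannot be seen from this hunk.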