[Forgot Password]
Login  Register Subscribe

24437

 
 

132035

 
 

118989

 
 

909

 
 

93902

 
 

143

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-91227-9

Platform: ubuntu14.04Date: (C)2017-03-14   (M)2019-02-28



Set Password Creation Requirement Parameters Using pam_cracklib (Scored) The pam_cracklib module checks the strength of passwords. It performs checks such as making sure a password is not a dictionary word, it is a certain length, contains a mix of characters (e.g. alphabet, numeric, other) and more. The following are definitions of the pam_cracklib.so options. * retry=3 - Allow 3 tries before sending back a failure. * minlen=14 - password must be 14 characters or more * dcredit=-1 - provide at least one digit * ucredit=-1 - provide at least one uppercase character * ocredit=-1 - provide at least one special character * lcredit=-1 - provide at least one lowercase character The setting shown above is one possible policy. Alter these values to conform to your own organization's password policies.


Parameter:


Technical Mechanism: Strong passwords protect systems from being hacked through brute force methods. Fix: Set the pam_cracklib.so parameters as follows in /etc/pam.d/common-password: password required pam_cracklib.so retry=3 minlen=14 dcredit=-1 ucredit=-1 ocredit=-1 lcredit=-1

References:

Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:33925


OVAL    1
oval:org.secpod.oval:def:33925
XCCDF    2
xccdf_org.secpod_benchmark_general_Ubuntu_14_04
xccdf_org.secpod_benchmark_SecPod_Ubuntu_14_04

© SecPod Technologies