Check: GEN000680
AIX 5.3 STIG:
GEN000680
(in version v1 r3)
Title
The system must require passwords to contain no more than three consecutive repeating characters. (Cat II impact)
Discussion
To enforce the use of complex passwords, the number of consecutive repeating characters is limited. Passwords with excessive repeated characters may be more vulnerable to password-guessing attacks.
Check Content
Check the maxrepeats setting. Procedure: # grep -i maxrepeats /etc/security/user OR # lsuser -a maxrepeats ALL If the maxrepeats setting is greater than 3, this is a finding.
Fix Text
Use the chsec command to set maxrepeats to 3. # chsec -f /etc/security/user -s default -a maxrepeats=3 # chuser maxrepeats=3 < user id >
Additional Identifiers
Rule ID: SV-38675r1_rule
Vulnerability ID: V-11975
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |