Title

Ubuntu 24.04 LTS must have the "libpam-pwquality" package installed. (Cat II impact)

Discussion

Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. "pwquality" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.

Check Content

Verify Ubuntu 24.04 LTS has the "libpam-pwquality" package installed with the following command: $ dpkg -l | grep libpam-pwquality ii libpam-pwquality:amd64 1.4.5-3build1 amd64 PAM module to check password strength If "libpam-pwquality" is not installed, this is a finding.

Fix Text

Install the "pam_pwquality" package by using the following command: $ sudo apt install -y libpam-pwquality

Additional Identifiers

Rule ID: SV-270661r1067175_rule

Vulnerability ID: V-270661

Group Title: SRG-OS-000480-GPOS-00225

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.