Check: GEN000680
HP-UX 11.23 STIG:
GEN000680
(in version v1 r8)
Title
The system must require passwords contain no more than three consecutive repeating characters. (Cat II impact)
Discussion
To enforce the use of complex passwords, the number of consecutive repeating characters is limited. Passwords with excessive repeated characters may be more vulnerable to password-guessing attacks.
Check Content
HP-UX does not currently support enforcement of non-repeating characters; this is always considered a finding.
Fix Text
Configure/modify the system policy to require passwords not contain more than three consecutive repeating characters.
Additional Identifiers
Rule ID: SV-38210r1_rule
Vulnerability ID: V-11975
Group Title: GEN000680
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000366 |
The organization implements the security configuration settings. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| CM-6 |
Configuration Settings |