An error occurred:

Check: HMC0110

IBM Hardware Management Console (HMC) STIG: HMC0110 (in version v2 r1)

Title

The PASSWORD History Count value must be set to 10 or greater. (Cat II impact)

Discussion

History Count specifies the number of previous passwords saved for each USERID and compares it with an intended new password. If there is a match with one of the previous passwords, or with the current password, it will reject the intended new password. The improper setting of any of these fields, individually or in combination with another, can compromise the security of the processing environment.

Check Content

Have the system administrator (SA) display the Password Profile Task window on the Hardware Management Console and validate that the History Count is set to 10. If the History Count is less than 10, then this is a finding.

Fix Text

Have the SA go into the Password Profile and set the History Count to 10 or greater.

Additional Identifiers

Rule ID: SV-256878r998329_rule

Vulnerability ID: V-256878

Group Title: SRG-OS-000077-GPOS-00045

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-004061

For password-based authentication, verify when users create or update passwords, that the passwords are not found on the list of commonly-used, expected, or compromised passwords in IA-5 (1) (a).

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
No controls are assigned to this check