Check: ACF2-ES-000840
IBM z/OS ACF2 STIG:
ACF2-ES-000840
(in versions v9 r3 through v8 r2)
Title
ACF2 PSWD GSO record value must be set to require at least one uppercase character be used. (Cat II impact)
Discussion
Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
Check Content
From the ISPF Command Shell enter: ACF to enter ACF2 Command shell enter SET CONTROL(GSO) LIST PSWD If NOPSWDUC is listed, this is a finding.
Fix Text
Configure the GSO option "PSWDUC" to "YES".
Additional Identifiers
Rule ID: SV-223501r1001105_rule
Vulnerability ID: V-223501
Group Title: SRG-OS-000069-GPOS-00037
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-004066 |
For password-based authentication, enforce organization-defined composition and complexity rules. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |