Title

The IBM z/VM CA VM:Secure product User Exit must not allow 2 consecutive repeated characters. (Cat II impact)

Discussion

Password complexity, or strength, is a measure of the effectiveness of a password in resisting guessing and brute-force attacks. Password complexity is one factor of several that determine how long it takes to crack a password. The more complex the password is, the greater the number of possible combinations that need to be tested before the password is compromised. Use of a complex password helps to increase the time and resources required to compromise the password. Consecutive repeated characters reduce the complexity of the password.

Check Content

If there is no VM:Secure PASSWORD user exit in use, this is a finding. Review the VM:Secure PASSWORD user exit. If there is no code that prohibits the use of consecutive repeated characters, this is a finding.

Fix Text

Configure a VM:Secure PASSWORD user exit that prohibits the use of consecutive repeated characters in the Password. Ensure that the following macros are updated with proper PASSWORD user exit: FORCEPWC VMXCHGPW MAINT USE00080

Additional Identifiers

Rule ID:

Vulnerability ID: IBMZ-VM-000570

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.