Check: GEN000680
Title
The system must require passwords to contain no more than three consecutive repeating characters. (Cat II impact)
Discussion
To enforce the use of complex passwords, the number of consecutive repeating characters is limited. Passwords with excessive repeated characters may be more vulnerable to password-guessing attacks.
Check Content
Check the MAXREPEATS setting.
# grep MAXREPEATS /etc/default/passwd
If the MAXREPEATS setting is greater than 3, this is a finding.
Fix Text
Edit /etc/default/passwd and set MAXREPEATS to 3.
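The check above can be scripted so that commented-out lines, which a plain grep also matches, are not mistaken for the active setting. This is an added example, not part of the STIG text; the function name check_maxrepeats and the REVIEW status for a missing or non-numeric setting are assumptions made here.

```shell
#!/bin/sh
# Audit MAXREPEATS using the check's criterion: a value greater than 3 is a finding.
# Assumption (not from the check text): a missing, commented-out or non-numeric
# setting is reported as REVIEW so that a person looks at it.
# Return codes: 0 = not a finding, 1 = finding, 2 = manual review needed.
check_maxrepeats() {
    file=${1:-/etc/default/passwd}
    if [ ! -r "$file" ]; then
        echo "REVIEW: cannot read $file"; return 2
    fi
    # Keep only active assignments; lines such as "#MAXREPEATS=0" are skipped.
    values=$(sed -n 's/^[[:space:]]*MAXREPEATS[[:space:]]*=[[:space:]]*\([^[:space:]#]*\).*$/\1/p' "$file")
    if [ -z "$values" ]; then
        echo "REVIEW: no active MAXREPEATS line in $file"; return 2
    fi
    # If the setting appears more than once, any value above 3 is reported.
    for v in $values; do
        case $v in
            *[!0-9]*) echo "REVIEW: non-numeric MAXREPEATS value '$v'"; return 2 ;;
        esac
        if [ "$v" -gt 3 ]; then
            echo "FINDING: MAXREPEATS=$v is greater than 3"; return 1
        fi
    done
    echo "NOT A FINDING: MAXREPEATS=$v"
    return 0
}

# Constructed sample file (not taken from a real system): one commented-out
# line and one active line.
sample=$(mktemp)
printf '#MAXREPEATS=0\nMAXREPEATS=5\n' > "$sample"
check_maxrepeats "$sample" || true
rm -f "$sample"
```
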
Additional Identifiers
Rule ID:
Vulnerability ID: V-11975
Group Title:
CCIs
CCIs tied to check.
Number | Definition |
---|---|
CCI-000366 | The organization implements the security configuration settings. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
Number | Title |
---|---|
CM-6 | Configuration Settings |