Check: OSX00325 M6
MACOSX 10.6:
OSX00325 M6
(in version v1 r3)
Title
The system must be configured to not show password hints. (Cat I impact)
Discussion
Providing information in the password hint field could compromise the integrity of the password. Showing password hint could allow someone shoulder surfing to gain information leading to unauthorized access to the system.
Check Content
1. Open System Preferences->Accounts Panel. 2. Select Login Options. 3. Ensure the "Show password hints" is not checked. If the option is checked, this is a finding.
Fix Text
1. Open System Preferences->Accounts Panel. 2. Select Login Options. 3. Deselect "Show password hints" to disable this option.
Additional Identifiers
Rule ID: SV-37226r1_rule
Vulnerability ID: V-25305
Group Title:
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| No CCIs are assigned to this check |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |