An error occurred:

Check: SOL-11.1-040100

Solaris 11 X86 STIG: SOL-11.1-040100 (in versions v3 r2 through v3 r1)

Title

The system must require passwords to contain at least one special character. (Cat II impact)

Discussion

Complex passwords can reduce the likelihood of success of automated password-guessing attacks.

Check Content

Check the MINSPECIAL setting. # grep ^MINSPECIAL /etc/default/passwd If the MINSPECIAL setting is less than one, this is a finding.

Fix Text

The root role is required. # pfedit /etc/default/passwd a Locate the line containing: MINSPECIAL Change the line to read: MINSPECIAL=1

Additional Identifiers

Rule ID: SV-216095r1016290_rule

Vulnerability ID: V-216095

Group Title: SRG-OS-000266

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001619

The information system enforces password complexity by the minimum number of special characters used.
CCI-004066

For password-based authentication, enforce organization-defined composition and complexity rules.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
IA-5(1)

Password-based Authentication