Check: GEN000700
VMware ESX 3 Server:
GEN000700
(in version v1 r2)
Title
User passwords must be changed at least every 60 days. (Cat II impact)
Discussion
Limiting the lifespan of authenticators limits the period of time an unauthorized user has access to the system while using compromised credentials and reduces the period of time available for password-guessing attacks to run against a single password.
Check Content
Verify the system requires passwords be changed at least every 60 days.
Fix Text
Configure the system to require passwords be changed at least every 60 days.
Additional Identifiers
Rule ID: SV-12477r2_rule
Vulnerability ID: V-11976
Group Title: GEN000700
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000180 |
The organization manages information system authenticators by establishing maximum lifetime restrictions for authenticators. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| IA-5 |
Authenticator Management |