STIGQter: STIG Summary: Oracle Linux 6 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: Oracle Linux 6 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:SV-208826r603263_rule
V-208826
SRG-OS-000078
OL6-00-000050
CAT II
10
To specify password length requirements for new accounts, edit the file "/etc/login.defs" and add or correct the following lines:
PASS_MIN_LEN 15
The DoD requirement is "15". If a program consults "/etc/login.defs" and also another PAM module (such as "pam_cracklib") during a password change operation, then the most restrictive must be satisfied.
To check the minimum password length, run the command:
$ grep PASS_MIN_LEN /etc/login.defs
The DoD requirement is "15".
If it is not set to the required value, this is a finding.
$ grep –E ‘pam_cracklib.so.*minlen’ /etc/pam.d/*
If no results are returned, this is not a finding.
If any results are returned and are not set to “15” or greater, this is a finding.
V-208826
False
OL6-00-000050
To check the minimum password length, run the command:
$ grep PASS_MIN_LEN /etc/login.defs
The DoD requirement is "15".
If it is not set to the required value, this is a finding.
$ grep –E ‘pam_cracklib.so.*minlen’ /etc/pam.d/*
If no results are returned, this is not a finding.
If any results are returned and are not set to “15” or greater, this is a finding.
M
2928