STIGQter: STIG Summary: SLES 12 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The SUSE operating system must employ user passwords with a minimum lifetime of 24 hours (one day).

DISA Rule

SV-217129r646698_rule

Vulnerability Number

V-217129

Group Title

SRG-OS-000075-GPOS-00043

Rule Version

SLES-12-010270

Severity

CAT II

CCI(s)

• CCI-000198 - The information system enforces minimum password lifetime restrictions.

Weight

10

Fix Recommendation

Configure the SUSE operating system to enforce 24 hours/one day or greater as the minimum password age for user accounts.

Change the minimum time period between password changes for each [USER] account to "1" day with the command, replacing [USER] with the user account that must be changed:

> sudo passwd -n 1 [USER]

Check Contents

Verify the SUSE operating system enforces a minimum time period between password changes for each user account of one day or greater.

Check the minimum time period between password changes for each user account with the following command:

> sudo awk -F: '$4 < 1 {print $1 ":" $4}' /etc/shadow

smithj:1

If any results are returned that are not associated with a system account, this is a finding.

Vulnerability Number

V-217129

Documentable

False

Rule Version

SLES-12-010270

Severity Override Guidance

Verify the SUSE operating system enforces a minimum time period between password changes for each user account of one day or greater.

Check the minimum time period between password changes for each user account with the following command:

> sudo awk -F: '$4 < 1 {print $1 ":" $4}' /etc/shadow

smithj:1

If any results are returned that are not associated with a system account, this is a finding.

Check Content Reference

M

Target Key

4033

Comments