STIGQter STIGQter: STIG Summary: Canonical Ubuntu 18.04 LTS Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The Ubuntu operating system must enforce a minimum 15-character password length.

DISA Rule

SV-219181r610963_rule

Vulnerability Number

V-219181

Group Title

SRG-OS-000078-GPOS-00046

Rule Version

UBTU-18-010109

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the Ubuntu operating system to enforce a minimum 15-character password length.

Add, or modify the "minlen" parameter value to the "/etc/security/pwquality.conf" file:

minlen=15

Check Contents

Verify if the pwquality configuration file enforces a minimum 15-character password length, by running the following command:

# grep -i minlen /etc/security/pwquality.conf
minlen=15

If "minlen" parameter value is not 15 or higher, or is commented out, this is a finding.

Vulnerability Number

V-219181

Documentable

False

Rule Version

UBTU-18-010109

Severity Override Guidance

Verify if the pwquality configuration file enforces a minimum 15-character password length, by running the following command:

# grep -i minlen /etc/security/pwquality.conf
minlen=15

If "minlen" parameter value is not 15 or higher, or is commented out, this is a finding.

Check Content Reference

M

Target Key

4055

Comments