STIGQter STIGQter: STIG Summary: Canonical Ubuntu 18.04 LTS Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The Ubuntu operating system must allow the use of a temporary password for system logons with an immediate change to a permanent password.

DISA Rule

SV-219183r610963_rule

Vulnerability Number

V-219183

Group Title

SRG-OS-000380-GPOS-00165

Rule Version

UBTU-18-010112

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Create a policy that ensures when a user is created, it is created using a method that forces a user to change their password upon their next login.

Below are two examples of how to create a user account that requires the user to change their password upon their next login.

# chage -d 0 [UserName]

or

# passwd -e [UserName]

Check Contents

Verify a policy exists that ensures when a user account is created, it is created using a method that forces a user to change their password upon their next login.

If a policy does not exist, this is a finding.

Vulnerability Number

V-219183

Documentable

False

Rule Version

UBTU-18-010112

Severity Override Guidance

Verify a policy exists that ensures when a user account is created, it is created using a method that forces a user to change their password upon their next login.

If a policy does not exist, this is a finding.

Check Content Reference

M

Target Key

4055

Comments