STIGQter: STIG Summary: IBM z/OS ACF2 Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021:

ACF2 PSWD GSO record value must be set to require the change of at least 50% of the total number of characters when passwords are changed.

DISA Rule

SV-223504r695433_rule

Vulnerability Number

V-223504

Group Title

SRG-OS-000072-GPOS-00040

Rule Version

ACF2-ES-000870

Severity

CAT II

CCI(s)

• CCI-000195 - The information system, for password-based authentication, when new passwords are created, enforces that at least an organization-defined number of characters are changed.

Weight

10

Fix Recommendation

Configure the Password option "PSWDSIM" to "4".

Check Contents

From an ACF command screen enter:
SET CONTROL(GSO)
LIST PSWD

If "PSWDSIM" is set to "4", this is not a finding.

Vulnerability Number

V-223504

Documentable

False

Rule Version

ACF2-ES-000870

Severity Override Guidance

From an ACF command screen enter:
SET CONTROL(GSO)
LIST PSWD

If "PSWDSIM" is set to "4", this is not a finding.

Check Content Reference

M

Target Key

4100

Comments