5.2.5 Complex passwords must contain a Symbolic Character

Information

Complex passwords contain one character from each of the following classes: English uppercase letters, English lowercase letters, Westernized Arabic numerals, and non-alphanumeric characters. The more complex a password the more resistant it will be against persons seeking unauthorized access to a system.

Solution

Perform the following to implement the prescribed state for all pwpolicy controls Run the following command in Terminal: sudo pwpolicy -setglobalpolicy "maxFailedLoginAttempts=5 minChars=15 requiresNumeric=1 requiresAlpha=1 requiresSymbol=1" Impact: Password policy should be in effect to reduce the risk of exposed services being compromised easily through dictionary attacks or other social engineering attempts.

See Also

https://workbench.cisecurity.org/files/299

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(1)(a)

Plugin: Unix

Control ID: f6bdaa669dc0d45b264cc3b128fc3b359bb09e44aa8b0f77de883e4fcbfe82d9