5.2.7 Password Age

Information

Passwords should be changed periodically to reduce exposure

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Perform the following to implement the prescribed state for all pwpolicy controls
1. Run the following command in Terminal:
pwpolicy -setaccountpolicies
Examples in pwpolicy man page and in the back of the Benchmark

See Also

https://workbench.cisecurity.org/files/300

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(1)(d)

Plugin: Unix

Control ID: 4befcc624a8a041265b1a020e0aee06a15c51b3ee9eefa24756c990abd4ed468