3.5 Ensure 'PASSWORD_REUSE_TIME' Is Greater than or Equal to '365'

Information

As reusing the same password after only a short period of time has passed makes the success of brute-force login attacks more likely, this value should be set according to the needs of the organization.

Solution

Remediate this setting by executing the following SQL statement. ALTER PROFILE DEFAULT LIMIT PASSWORD_REUSE_TIME 365;

See Also

https://workbench.cisecurity.org/files/601

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(1)(e)

Plugin: OracleDB

Control ID: e4be599b5131000d7ba9de02deb2af1ea8c24d7bac28330ceec34bd2b36e993a