1.3.1 Ensure 'Minimum Password Complexity' is enabled

Information

This checks all new passwords to ensure that they meet basic requirements for strong passwords.
Rationale:
Password complexity recommendations are derived from the USGCB (United States Government Configuration Baseline), Common Weakness Enumeration, and benchmarks published by the CIS (Center for Internet Security). Password complexity adds entropy to a password, in comparison to a simple password of the same length. A complex password is more difficult to attack, either directly against administrative interfaces or cryptographically, against captured password hashes. However, making a password of greater length will generally have a greater impact in this regard, in comparison to making a shorter password more complex.

Solution

Navigate to Device > Setup > Management > Minimum Password Complexity.
Set Enabled to be checked
Default Value:
Not enabled.

See Also

https://workbench.cisecurity.org/files/1664

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(1)(a), CSCv6|5.3, CSCv6|5.7, CSCv6|16.12

Plugin: Palo_Alto

Control ID: 9ee35ccc0910b1ff97a0acb3060db83f0db3e6984108cc947cf55aaacf28ff88