1.3.2 Ensure 'Minimum Length' is greater than or equal to 12

Information

This determines the least number of characters that make up a password for a user account.
Rationale:
A longer password is much more difficult to attack, either directly against administrative interfaces or cryptographically, against captured password hashes. Making a password of greater length will generally have a greater impact in this regard, in comparison to making a shorter password more complex.

Solution

Navigate to Device > Setup > Management > Minimum Password Complexity.
Set Minimum Length to greater than or equal to 12
Impact:
Longer passwords are much more difficult to attack. This is true of attacks against the administrative interfaces themselves, or of decryption attacks against captured hashes.
Default Value:
Not enabled.

See Also

https://workbench.cisecurity.org/files/1664

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(1)(a), CSCv6|5.3, CSCv6|5.7, CSCv6|16.12

Plugin: Palo_Alto

Control ID: 15af64c1be87fba5ae12977f967ba3562d980be755a0d905e0c9230709d2f50a