1.2 - Strong Password policy should be implemented - Minimum Lowercase Characters

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Strong Password policy should be implemented to protect user access.

Application default passwords are widely known and typically initial targets for attacks. The risk that unauthorized access will be obtained is increased if these passwords are not changed.

Solution

1. Login to the Administration Console.
2. In the Change Centre, click Lock & Edit.
3. In the left pane, select the Domain name.
4. Select Security Realms > Name of the active Security Realm.
5. Select Providers > Password Validation.
6. Select the name of the Password composition checks entry.
7. Select the Provider Specific tab.
8. Enter the suggested password settings
9. Save and confirm the change

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(1)

Plugin: Unix

Control ID: 39b8830c2ef2110a78c796f4e44c8a97613d3c361fc438ef67565aea746d2650