Revision 1.4Nov 15, 2021
Functional Update
- 1.1 Ensure Minimum Password Length is set to 14 or higher
- 1.10 Ensure Force users to change password at first login after password was changed from Users page is selected
- 1.11 Ensure Deny access after failed login attempts is selected
- 1.12 Ensure Maximum number of failed attempts allowed is set to 5 or fewer
- 1.13 Ensure Allow access again after time is set to 300 or more seconds
- 1.2 Ensure Disallow Palindromes is selected
- 1.3 Ensure Password Complexity is set to 3
- 1.4 Ensure Check for Password Reuse is selected and History Length is set to 12 or more - history-checking
- 1.4 Ensure Check for Password Reuse is selected and History Length is set to 12 or more - history-length
- 1.5 Ensure Password Expiration is set to 90 days
- 1.6 Ensure Warn users before password expiration is set to 7 days
- 1.7 Ensure Lockout users after password expiration is set to 1
- 1.8 Ensure Deny access to unused accounts is selected
- 1.9 Ensure Days of non-use before lock-out is set to 30
- 2.1.1 Ensure 'Login Banner' is set - message banner on
- 2.1.2 Ensure 'Message Of The Day (MOTD)' is set - motd banner on
- 2.5.1 Ensure CLI session timeout is set to less than or equal to 10 minutes
- 2.5.2 Ensure Web session timeout is set to less than or equal to 10 minutes
