3.1.2.11 minlen

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Defines the minimum length of a password.

Rationale:

In setting the minlen attribute, it ensures that passwords meet the required length criteria.

Solution

In /etc/security/user, set the default user stanza minlen attribute to be greater than or equal to 14:

chsec -f /etc/security/user -s default -a minlen=14

This means that all user passwords must be at least 14 characters in length.
NOTE: To support a password length greater than 8 characters the default algorithm must be changed. If the command above returns an error (3004-692 Error changing 'minlen' to '14' : Value is invalid.) the recommendation 3.1.15 /etc/security/login.cfg - pwd_algorithm needs to be completed first.

Default Value:

default minlen=0

See Also

https://workbench.cisecurity.org/files/3525