Detections
Analytics

5.4.1.6 Ensure all users last password change date is in the past

Information

All users should have a password change date in the past.

If a user's recorded password change date is in the future, then they could bypass any set password expiration.

Solution

Investigate any users with a password change date in the future and correct them. Locking the account, expiring the password, or resetting the password manually may be appropriate.

See Also

https://workbench.cisecurity.org/benchmarks/24330

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(1), CSCv7|4.4

Plugin: Unix

Control ID: 649ab4e01242bd3220c28b7c8887769841397e254e6931ff254f04e3bae71b05