Detections
Analytics

5.3.1.3 Ensure latest version of libpam-pwquality is installed

Information

libpwquality provides common functions for password quality checking and scoring them based on their apparent randomness. The library also provides a function for generating random passwords with good pronounceability.

This module can be plugged into the password stack of a given service to provide some plug-in strength-checking for passwords. The code was originally based on pam_cracklib module and the module is backwards compatible with its options.

Strong passwords reduce the risk of systems being hacked through brute force methods.

Older versions of the libpam-pwquality package may not include the latest security and feature patches and updates.

Note : This Benchmark was tested and written against libpam-pwquality Version: 1.4.4-1build2

Solution

Run the following command to install the latest version of libpam-pwquality :

# apt install libpam-pwquality

See Also

https://workbench.cisecurity.org/benchmarks/24330

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(1), CSCv7|4.4

Plugin: Unix

Control ID: 8cff84977617d46ad72117c824d4b099a5725e9ccf1969c850c24f4deef358d0