GEN000580 - The system must require passwords to contain a minimum of 15 characters.

Information

The use of longer passwords reduces the ability of attackers to successfully obtain valid passwords using guessing or exhaustive search techniques by increasing the password search space.

Solution

Change the minimum password length to 15 or more.

# chsec -f /etc/security/user -s default -a minlen=15
# chuser minlen=14 <user id>

See Also

https://iasecontent.disa.mil/stigs/zip/U_AIX_6-1_V1R14_STIG.zip

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(1)(a), CAT|II, CCI|CCI-000205, Group-ID|V-11947, Rule-ID|SV-38936r2_rule, STIG-ID|GEN000580, Vuln-ID|V-11947

Plugin: Unix

Control ID: 35dd45bc01d94818c8caa67f7157588c0e54ceca96756a2e3679278b10a043c0