AZLX-23-002425 - Amazon Linux 2023 must be able to enforce a 60-day maximum password lifetime restriction.

Information

Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed periodically. If Amazon Linux 2023 does not limit the lifetime of passwords and force users to change their passwords, there is the risk that Amazon Linux 2023 passwords could be compromised.

Solution

Configure each noncompliant account on Amazon Linux 2023 to enforce a 60-day maximum password lifetime restriction.

$ sudo chage -M 60 [user]
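
To decide which accounts need the command above, the maximum password age can be read from field 5 of each shadow entry. The following is an added example, not part of the STIG or the original page; the function name `find_noncompliant_max_age`, the constructed sample entries, and the choice to skip accounts with no password hash are assumptions.

```shell
#!/bin/sh
# Added example: list accounts in a shadow-format file whose maximum
# password age (field 5) is unset or greater than the allowed limit.
# find_noncompliant_max_age is a hypothetical helper name.
find_noncompliant_max_age() {
    shadow_file=$1
    max_days=${2:-60}   # limit in days; defaults to the 60 days required here
    awk -F: -v max="$max_days" '
        # Assumption: entries with no password hash (empty, *, !, !!) are skipped.
        $2 ~ /^[!*]*$/ { next }
        # Flag an empty or non-numeric maximum, or one above the limit.
        $5 !~ /^[0-9]+$/ || $5 + 0 > max { print $1 }
    ' "$shadow_file"
}

# Constructed sample in /etc/shadow format (not real accounts or hashes).
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
root:$6$constructed$hash:19700:0:99999:7:::
alice:$6$constructed$hash:19700:1:60:7:::
bob:$6$constructed$hash:19700:0:90:7:::
carol:$6$constructed$hash:19700:0::7:::
daemon:*:19700:0:99999:7:::
svc:!!:19700:0:99999:7:::
EOF

find_noncompliant_max_age "$sample"

# On a live system (run as root), the same function can drive the fix:
#   for u in $(find_noncompliant_max_age /etc/shadow); do chage -M 60 "$u"; done
```

`chage -M` changes only existing accounts; it does not affect accounts created afterwards.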

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Amazon_Linux_2023_V1R2_STIG.zip