Detections
Analytics
OL09-00-001100 - OL 9 user account passwords must have a 60-day maximum password lifetime restriction.
Information
Any password, no matter how complex, can eventually be cracked; therefore, passwords need to be changed periodically. If OL 9 does not limit the lifetime of passwords and force users to change their passwords, there is the risk that OL 9 passwords could be compromised.Solution
Configure noncompliant accounts to enforce a 60-day maximum password lifetime restriction.passwd -x 60 [user]
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_9_V1R5_STIG.zip
Item Details
Audit Name: DISA Oracle Linux 9 STIG v1r5
Category: IDENTIFICATION AND AUTHENTICATION
References: 800-53|IA-5(1)(a), CAT|II, CCI|CCI-004066, Rule-ID|SV-271632r1091608_rule, STIG-ID|OL09-00-001100, Vuln-ID|V-271632
Plugin: Unix
Control ID: ec8ce5379a1b6f88c52273d80ed137b5ff835f3363b3b9c09d486ece043d71a5