Detections
Analytics
RHEL-10-600630 - RHEL 10 must ensure the password complexity module is enabled in the "system-auth" file.
Information
Enabling Pluggable Authentication Module (PAM) password complexity permits enforcement of strong passwords and consequently makes the system less prone to dictionary attacks.Solution
Configure RHEL 10 to use "pwquality" to enforce password complexity rules.Add the following line to the "/etc/pam.d/system-auth" file (or modify the line to have the required value):
password required pam_pwquality.so
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_RHEL_10_V1R1_STIG.zip
Item Details
Audit Name: DISA Red Hat Enterprise Linux 10 STIG v1r1
Category: IDENTIFICATION AND AUTHENTICATION
References: 800-53|IA-5(1)(a), CAT|II, CCI|CCI-004066, Rule-ID|SV-281215r1166597_rule, STIG-ID|RHEL-10-600630, Vuln-ID|V-281215
Plugin: Unix
Control ID: ad4ac27814731d5fc8c6166f5bd815fdd4177a0cabd76db1867aa7223b6c334d