Detections
Analytics
RHEL-10-600110 - RHEL 10 must, for user account passwords, have a 60-day maximum password lifetime restriction.
Information
Any password, no matter how complex, can eventually be cracked. Therefore, passwords must be changed periodically. If the operating system does not limit the lifetime of passwords and force users to change their passwords, there is the risk that the operating system passwords could be compromised.Solution
Configure RHEL 10 to enforce a 60-day maximum password lifetime restriction on user account passwords.Set the 60-day maximum password lifetime restriction with the following command:
$ sudo passwd -x 60 [user]
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_RHEL_10_V1R1_STIG.zip
Item Details
Audit Name: DISA Red Hat Enterprise Linux 10 STIG v1r1
Category: IDENTIFICATION AND AUTHENTICATION
References: 800-53|IA-5(1)(a), CAT|II, CCI|CCI-004066, Rule-ID|SV-281170r1184651_rule, STIG-ID|RHEL-10-600110, Vuln-ID|V-281170
Plugin: Unix
Control ID: 31cf76d3d912843dbc2073c946e4cd008f0c6ae3badf042b2d35b8f68c5877c1