Detections
Analytics
RHEL-09-411015 - RHEL 9 user account passwords must have a 60-day maximum password lifetime restriction.
Information
Any password, no matter how complex, can eventually be cracked; therefore, passwords need to be changed periodically. If RHEL 9 does not limit the lifetime of passwords and force users to change their passwords, there is the risk that RHEL 9 passwords could be compromised.Solution
Configure noncompliant accounts to enforce a 60-day maximum password lifetime restriction.passwd -x 60 [user]
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_RHEL_9_V2R8_STIG.zip
Item Details
Audit Name: DISA Red Hat Enterprise Linux 9 STIG v2r8
Category: IDENTIFICATION AND AUTHENTICATION
References: 800-53|IA-5(1)(d), CAT|II, CCI|CCI-000199, CCI|CCI-004066, Rule-ID|SV-258042r1045133_rule, STIG-ID|RHEL-09-411015, Vuln-ID|V-258042
Plugin: Unix
Control ID: cb4b31e087f64a8342a4ac940bd5d5665a342e0f71779aabdf993f1d3a31309f