SLES-12-010180 - The SUSE operating system must enforce passwords that contain at least one special character.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Use of a complex password helps increase the time and resources required to compromise the password. Password complexity or strength is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.

Password complexity is one factor in determining how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.

Special characters are not alphanumeric. Examples include: ~ ! @ # $ % ^ *.

Solution

Configure the SUSE operating system to enforce password complexity by requiring at least one special character.

Edit '/etc/pam.d/common-password' and edit the line containing 'pam_cracklib.so' to contain the option 'ocredit=-1' after the third column.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_SLES_12_V2R12_STIG.zip

Item Details

References: CAT|II, CCI|CCI-001619, Rule-ID|SV-217120r603262_rule, STIG-ID|SLES-12-010180, STIG-Legacy|SV-91777, STIG-Legacy|V-77081, Vuln-ID|V-217120

Plugin: Unix

Control ID: d2491902be24226b3e1db1bf189e8332b4e76caaeb098b6a2c82e49b8ac5e6b0