InformationPassword policy controls should be in line with the corporate security policy. Password policy is required to control user password characteristics including password minimum length, password history, maximum and minimum password age and complexity.
Passwords are widely known and typically initial targets for attacks. The risk that unauthorized access will be obtained is increased if these passwords are not changed.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
SolutionPassword policy controls should be in line with the corporate security policy. A strong password has the following characteristics specified in appendix 3.1