1.2 Password Security Policy - a) The default password length shouldn't be below 8 characters

Information

Strong passwords are supported to prevent passwords from being cracked. When a password is set, its complexity is checked by default. If a password does not meet the policy, a warning is required. A strong password mode should be provided. The password verification mechanism is as follows:

a) The default password length shouldn't be below 8 characters.
b) The password must include three of 'number', 'capital', 'lowercase', 'special-character', or the 'character-set-num' value must be set to 3-4.
c) Configure 'strong-password dictionary' and 'same-consecutive' to avoid weak passwords.
d) Check whether any of the following words exist in the configuration file:
- Encrypt none
- Authentication null
- Encrypted null
- Encryption null
- Security-protocol noauth
- Encrypted noauth
e) If 'strong-password max-length' is not displayed in the configuration, then this check passes.
If 'strong-password max-length' is displayed in the configuration, but the max-length value is below 10, or the 'username-related-chk inverse' and 'strong-password date-check enable' commands are not both configured, then this check fails.
f) The validity period of an account can be configured.
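
The following Python sketch applies items a), d) and e) to a saved configuration file. It is an added example, not part of the Tenable audit or ZTE documentation. The sample configuration is constructed, and the assumption that 'strong-password max-length' is followed by a number on the same line is not confirmed by this page.

```python
import re

# Weak settings listed in item d), matched case-insensitively.
WEAK_SETTINGS = [
    "encrypt none", "authentication null", "encrypted null",
    "encryption null", "security-protocol noauth", "encrypted noauth",
]

def check_length(config, minimum=8):
    """Item a): True/False for a configured length, None if no such line exists
    (the device default then applies and cannot be judged from the file)."""
    m = re.search(r"^\s*strong-password length\s+(\d+)\s*$", config, re.M | re.I)
    return None if m is None else int(m.group(1)) >= minimum

def find_weak_settings(config):
    """Item d): return (line_number, line) for each line containing a weak setting."""
    hits = []
    for number, line in enumerate(config.splitlines(), 1):
        normalized = " ".join(line.lower().split())  # collapse repeated whitespace
        if any(weak in normalized for weak in WEAK_SETTINGS):
            hits.append((number, line.strip()))
    return hits

def check_max_length(config):
    """Item e): pass if max-length is absent; otherwise require a value of at
    least 10 and both related commands. Numeric argument syntax is assumed."""
    m = re.search(r"strong-password max-length\s+(\d+)", config, re.I)
    if m is None:
        return True
    lowered = config.lower()
    return (int(m.group(1)) >= 10
            and "username-related-chk inverse" in lowered
            and "strong-password date-check enable" in lowered)

# Constructed sample lines for illustration, not real device output.
SAMPLE_CONFIG = """\
system-user
  strong-password length 6
  strong-password max-length 32
  strong-password date-check enable
  security-protocol noauth
"""

if __name__ == "__main__":
    print("a) length >= 8:", check_length(SAMPLE_CONFIG))
    print("d) weak settings:", find_weak_settings(SAMPLE_CONFIG))
    print("e) max-length rule:", check_max_length(SAMPLE_CONFIG))
```
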

Solution

It is recommended to set the password length to at least 8 characters:

ZXR10# configure terminal
ZXR10 (config)# system-user
ZXR10 (config-system-user)# strong-password length 8

See Also

https://support.zte.com.cn/support/doccenter/DocumentProductHandBookDetail.aspx?sid=102&id=30768582&type=docfeedback

Item Details

Audit Name: Tenable ZTE ROSNG

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(1)(a)

Plugin: ZTE_ROSNG

Control ID: 8a6e83d9c89666c68a10266592220d814083bd93f69df2aeae1779d9fccd59f9