CCI|CCI-000198

Title

The information system enforces minimum password lifetime restrictions.

Reference Item Details

Category: 2009

Audit Items

View all Reference Audit Items

NamePluginAudit Name
4.012 - Minimum password age does not meet minimum requirements.WindowsDISA Windows Vista STIG v6r41
5.5.1.2 Ensure minimum days between password changes is configured - login.defsUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
5.5.1.2 Ensure minimum days between password changes is configured - password shadowUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AIX7-00-001125 - AIX Operating systems must enforce 24 hours/1 day as the minimum password lifetime - ALL usersUnixDISA STIG AIX 7.x v2r6
AIX7-00-001125 - AIX Operating systems must enforce 24 hours/1 day as the minimum password lifetime - System defaultUnixDISA STIG AIX 7.x v2r6
F5BI-DM-000125 - The BIG-IP appliance must be configured to enforce 24 hours/1 day as the minimum password lifetime.F5DISA F5 BIG-IP Device Management 11.x STIG v2r1
GEN000540 - Users must not be able to change passwords more than once every 24 hours - /etc/shadowUnixDISA STIG Solaris 10 X86 v2r2
GEN000540 - Users must not be able to change passwords more than once every 24 hours - /etc/shadowUnixDISA STIG Solaris 10 SPARC v2r2
GEN000540 - Users must not be able to change passwords more than once every 24 hours - MINWEEKSUnixDISA STIG Solaris 10 SPARC v2r2
GEN000540 - Users must not be able to change passwords more than once every 24 hours - MINWEEKSUnixDISA STIG Solaris 10 X86 v2r2
GEN000540 - Users must not be able to change passwords more than once every 24 hours.UnixDISA STIG AIX 6.1 v1r14
GEN000540 - Users must not be able to change passwords more than once every 24 hours.UnixDISA STIG AIX 5.3 v1r2
GEN000540 - Users must not be able to change passwords more than once every 24 hours.UnixDISA STIG for Oracle Linux 5 v2r1
GEN000540 - Users must not be able to change passwords more than once every 24 hours.UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
OL6-00-000051 - Users must not be able to change passwords more than once every 24 hours.UnixDISA STIG Oracle Linux 6 v2r6
OL07-00-010230 - The Oracle Linux operating system must be configured so that passwords for new users are restricted to a 24 hours/1 day minimum lifetime.UnixDISA Oracle Linux 7 STIG v2r9
OL07-00-010240 - The Oracle Linux operating system must be configured so that passwords are restricted to a 24 hours/1 day minimum lifetime.UnixDISA Oracle Linux 7 STIG v2r9
OL08-00-020180 - OL 8 passwords for new users or password changes must have a 24 hours/1 day minimum password lifetime restriction in '/etc/shadow' - /etc/shadow.UnixDISA Oracle Linux 8 STIG v1r2
OL08-00-020180 - OL 8 passwords for new users or password changes must have a 24 hours/1 day minimum password lifetime restriction in '/etc/shadow'.UnixDISA Oracle Linux 8 STIG v1r4
OL08-00-020190 - OL 8 passwords for new users or password changes must have a 24 hours/1 day minimum password lifetime restriction in '/etc/login.defs'.UnixDISA Oracle Linux 8 STIG v1r4
OL08-00-020190 - OL 8 passwords for new users or password changes must have a 24 hours/1 day minimum password lifetime restriction in '/etc/logins.def' - /etc/logins.def.UnixDISA Oracle Linux 8 STIG v1r2
PHTN-67-000027 - The Photon operating system must be configured so that passwords for new users are restricted to a 24-hour minimum lifetime.UnixDISA STIG VMware vSphere 6.7 Photon OS v1r3
RHEL-06-000051 - Users must not be able to change passwords more than once every 24 hours.UnixDISA Red Hat Enterprise Linux 6 STIG v2r2
RHEL-07-010230 - The Red Hat Enterprise Linux operating system must be configured so that passwords for new users are restricted to a 24 hours/1 day minimum lifetime.UnixDISA Red Hat Enterprise Linux 7 STIG v3r9
RHEL-07-010240 - The Red Hat Enterprise Linux operating system must be configured so that passwords are restricted to a 24 hours/1 day minimum lifetime.UnixDISA Red Hat Enterprise Linux 7 STIG v3r9
RHEL-08-020180 - RHEL 8 passwords must have a 24 hours/1 day minimum password lifetime restriction in /etc/shadow.UnixDISA Red Hat Enterprise Linux 8 STIG v1r8
RHEL-08-020190 - RHEL 8 passwords for new users or password changes must have a 24 hours/1 day minimum password lifetime restriction in /etc/login.defs.UnixDISA Red Hat Enterprise Linux 8 STIG v1r8
SLES-12-010260 - The SUSE operating system must be configured to create or update passwords with a minimum lifetime of 24 hours (one day) - 1 day.UnixDISA SLES 12 STIG v2r7
SLES-12-010270 - The SUSE operating system must employ user passwords with a minimum lifetime of 24 hours (one day) - 1 day.UnixDISA SLES 12 STIG v2r7
SLES-15-020200 - The SUSE operating system must be configured to create or update passwords with a minimum lifetime of 24 hours (one day) - 1 day.UnixDISA SLES 15 STIG v1r6
SLES-15-020210 - The SUSE operating system must employ user passwords with a minimum lifetime of 24 hours (one day).UnixDISA SLES 15 STIG v1r6
SOL-11.1-040030 - The operating system must enforce minimum password lifetime restrictions - '/etc/shadow'UnixDISA STIG Solaris 11 X86 v2r6
SOL-11.1-040030 - The operating system must enforce minimum password lifetime restrictions - 'MINDAYS'UnixDISA STIG Solaris 11 X86 v2r6
SOL-11.1-040030 - The operating system must enforce minimum password lifetime restrictions - 'MINDAYS'UnixDISA STIG Solaris 11 SPARC v2r6
SOL-11.1-040030 - The operating system must enforce minimum password lifetime restrictions - 'MINWEEKS'UnixDISA STIG Solaris 11 SPARC v2r6
SOL-11.1-040030 - The operating system must enforce minimum password lifetime restrictions - 'MINWEEKS'UnixDISA STIG Solaris 11 X86 v2r6
SOL-11.1-040030 - The operating system must enforce minimum password lifetime restrictions - 'user passwords'UnixDISA STIG Solaris 11 SPARC v2r6
UBTU-16-010210 - Passwords for new users must have a 24 hours/1 day minimum password lifetime restriction.UnixDISA STIG Ubuntu 16.04 LTS v2r3
UBTU-18-010106 - The Ubuntu operating system must enforce 24 hours/1 day as the minimum password lifetime. Passwords for new users must have a 24 hours/1 day minimum password lifetime restriction.UnixDISA STIG Ubuntu 18.04 LTS v2r8
UBTU-20-010007 - The Ubuntu operating system must enforce 24 hours/1 day as the minimum password lifetime. Passwords for new users must have a 24 hours/1 day minimum password lifetime restriction.UnixDISA STIG Ubuntu 20.04 LTS v1r5
WN10-AC-000030 - The minimum password age must be configured to at least 1 day.WindowsDISA Windows 10 STIG v2r5
WN11-AC-000030 - The minimum password age must be configured to at least 1 day.WindowsDISA Windows 11 STIG v1r2
WN12-AC-000006 - The minimum password age must meet requirements.WindowsDISA Windows Server 2012 and 2012 R2 DC STIG v3r4
WN12-AC-000006 - The minimum password age must meet requirements.WindowsDISA Windows Server 2012 and 2012 R2 MS STIG v3r5
WN16-AC-000060 - Windows Server 2016 minimum password age must be configured to at least one day.WindowsDISA Windows Server 2016 STIG v2r4
WN19-AC-000060 - Windows Server 2019 minimum password age must be configured to at least one day.WindowsDISA Windows Server 2019 STIG v2r5
WN22-AC-000060 - Windows Server 2022 minimum password age must be configured to at least one day.WindowsDISA Windows Server 2022 STIG v1r1