CSCv6|16.12

Title

Where multi-factor authentication is not supported, user accounts shall be required to use long passwords on the system (longer than 14 characters).

Description

Where multi-factor authentication is not supported, user accounts shall be required to use long passwords on the system (longer than 14 characters).

Reference Item Details

Reference: CIS Critical Security Controls v6

Category: Account Monitoring and Control

Family: Application

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)'	Windows	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.1.0
1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)'	Windows	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.2.0
1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)'	Windows	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.2.0
1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)'	Windows	CIS Windows Server 2012 R2 DC L1 v2.5.0
1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)'	Windows	CIS Microsoft Windows Server 2016 DC L1 v1.2.0
1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)'	Windows	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.1.0
1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)'	Windows	CIS Windows Server 2012 R2 MS L1 v2.5.0
1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)'	Windows	CIS Microsoft Windows Server 2016 DC L1 v1.3.0
1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)'	Windows	CIS Microsoft Windows Server 2016 MS L1 v1.2.0
1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)'	Windows	CIS Windows Server 2012 R2 MS L1 v2.4.0
1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)'	Windows	CIS Windows Server 2012 DC L1 v2.2.0
1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)'	Windows	CIS Windows Server 2012 R2 DC L1 v2.4.0
1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)'	Windows	CIS Microsoft Windows Server 2016 MS L1 v1.3.0
1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)'	Windows	CIS Windows Server 2012 MS L1 v2.2.0
1.3.1 Ensure 'Minimum Password Complexity' is enabled	Palo_Alto	CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0
1.3.1 Ensure 'Minimum Password Complexity' is enabled	Palo_Alto	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
1.3.1 Ensure 'Minimum Password Complexity' is enabled	Palo_Alto	CIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
1.3.1 Ensure 'Minimum Password Complexity' is enabled	Palo_Alto	CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0
1.3.2 Ensure 'Minimum Length' is greater than or equal to 12	Palo_Alto	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
1.3.2 Ensure 'Minimum Length' is greater than or equal to 12	Palo_Alto	CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0
1.3.2 Ensure 'Minimum Length' is greater than or equal to 12	Palo_Alto	CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0
1.3.2 Ensure 'Minimum Length' is greater than or equal to 12	Palo_Alto	CIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
1.3.3 Ensure 'Minimum Uppercase Letters' is greater than or equal to 1	Palo_Alto	CIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
1.3.4 Ensure 'Minimum Lowercase Letters' is greater than or equal to 1	Palo_Alto	CIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
1.3.5 Ensure 'Minimum Numeric Letters' is greater than or equal to 1	Palo_Alto	CIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
1.3.6 Ensure 'Minimum Special Characters' is greater than or equal to 1	Palo_Alto	CIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
1.3.7 Ensure 'Required Password Change Period' is less than or equal to 90 days	Palo_Alto	CIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
1.3.8 Ensure 'New Password Differs By Characters' is greater than or equal to 3	Palo_Alto	CIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
1.3.9 Ensure 'Prevent Password Reuse Limit' is set to 24 or more passwords	Palo_Alto	CIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
1.3.10 Ensure 'Password Profiles' do not exist	Palo_Alto	CIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
2.4.2 Ensure 'Minimum passcode length' is set to '6' or greater	MDM	AirWatch - CIS Apple iOS 10 v2.0.0 End User Owned L1
2.4.2 Ensure 'Minimum passcode length' is set to '6' or greater	MDM	MobileIron - CIS Apple iOS 12 v1.0.0 End User Owned L1
2.4.2 Ensure 'Minimum passcode length' is set to '6' or greater	MDM	MobileIron - CIS Apple iOS 11 v1.0.0 End User Owned L1
2.4.2 Ensure 'Minimum passcode length' is set to '6' or greater	MDM	MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1
2.4.2 Ensure 'Minimum passcode length' is set to '6' or greater	MDM	MobileIron - CIS Apple iOS 10 v2.0.0 End User Owned L1
2.4.2 Ensure 'Minimum passcode length' is set to '6' or greater	MDM	AirWatch - CIS Apple iOS 11 v1.0.0 End User Owned L1
2.4.2 Ensure 'Minimum passcode length' is set to '6' or greater	MDM	AirWatch - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1
2.4.2 Ensure 'Minimum passcode length' is set to '6' or greater	MDM	AirWatch - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'	Windows	CIS Windows Server 2012 DC L1 v2.2.0
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'	Windows	CIS Windows Server 2012 R2 DC L1 v2.5.0
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'	Windows	CIS Microsoft Windows Server 2016 DC L1 v1.3.0
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'	Windows	CIS Windows Server 2012 R2 DC L1 v2.4.0
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'	Windows	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.2.0
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'	Windows	CIS Microsoft Windows Server 2016 DC L1 v1.2.0
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'	Windows	CIS Microsoft Windows Server 2016 MS L1 v1.2.0
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'	Windows	CIS Microsoft Windows Server 2016 MS L1 v1.3.0
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'	Windows	CIS Windows Server 2012 MS L1 v2.2.0
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'	Windows	CIS Windows Server 2012 R2 MS L1 v2.4.0
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'	Windows	CIS Windows Server 2012 R2 MS L1 v2.5.0
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'	Windows	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.2.0

Detections

Analytics

CSCv6|16.12

Title

Description

Reference Item Details

Audit Items