Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-60833 | AMLS-NM-000110 | SV-75289r1_rule | Medium |
Description |
---|
Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password complexity is one factor of several that determines how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that needs to be tested before the password is compromised. Typically, the account of last resort is a built-in account with full privileges to the network device. This account should only be used when the authentication mechanism is unreachable and configuration or maintenance actions must be taken. |
STIG | Date |
---|---|
Arista MLS DCS-7000 Series NDM Security Technical Implementation Guide | 2016-03-29 |
Check Text ( C-61779r1_chk ) |
---|
Review the Arista Multilayer Switch configuration for the account of last resort with full access to the network device. If the account of last resort does not require a password length of at least 15 characters, this is a finding. To verify the setting is correct, run the "show running-config" command on the switch. Under the section "management security", the configuration statement "password minimum length 15" must be present, with a value set to 15 or higher. |
Fix Text (F-66543r1_fix) |
---|
Configure the Arista Multilayer Switch account of last resort with a password with a length of at least 15 characters. To configure the password minimum length, enter the following commands: configure management security password minimum length 15 |