The DBN-6300 must enforce a minimum 15-character password length.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-76959	DBNW-DM-000055	SV-91655r1_rule		Medium

Description
Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password length is one factor of several that helps to determine strength and how long it takes to crack a password. Since the device cannot be configured for password complexity, not having a strong password can result in the success of a brute force attack, which would give immediate access to a privileged system.

Description

Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password length is one factor of several that helps to determine strength and how long it takes to crack a password. Since the device cannot be configured for password complexity, not having a strong password can result in the success of a brute force attack, which would give immediate access to a privileged system.

STIG	Date
DBN-6300 NDM Security Technical Implementation Guide	2017-09-15

Details

Check Text ( C-76585r1_chk )
Verify the minimum password length is set to "15". Navigate to Settings >> Initial Configuration >> Authentication. If the "Minimum User Password Length" is not set to "15", this is a finding.

Fix Text (F-83655r1_fix)
Configure the minimum password length to "15". Navigate to Settings >> Initial Configuration >> Authentication. Enter "15" in the "Minimum User Password Length". Click on "Commit".