Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Maximum password age does not meet minimum requirements.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-7962 | DSN13.07 | SV-8448r1_rule | ECSC-1 IAIA-1 IAIA-2 | Medium |
| Description |
|---|
| Requirement: The IAO will ensure that all user passwords are changed at intervals of 90 days or less. The longer a password is in use, the greater the opportunity for someone to gain unauthorized knowledge of the passwords. Further, scheduled changing of passwords hinders the ability of unauthorized system users to crack passwords and gain access to a system. |
| STIG | Date |
|---|---|
| Defense Switched Network (DSN) STIG | 2015-08-11 |
Details
| Check Text ( C-7373r1_chk ) |
|---|
| Have the IAO or SA demonstrate compliance with the requirement; minimally on a sampling of the related or effected devices. Inspect configuration files as applicable. |
| Fix Text (F-7537r1_fix) |
|---|
| Ensure password life is no greater than 90 (180) days from the last password change. |