Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
AIX must require passwords to contain no more than three consecutive repeating characters.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-215232 | AIX7-00-001136 | SV-215232r508663_rule | Medium |
| Description |
|---|
| Passwords with excessive repeating characters may be more vulnerable to password-guessing attacks. |
| STIG | Date |
|---|---|
| IBM AIX 7.x Security Technical Implementation Guide | 2021-03-10 |
Details
| Check Text ( C-16430r294147_chk ) |
|---|
| Check system default for "maxrepeats" attribute: # lssec -f /etc/security/user -s default -a maxrepeats default maxrepeats=3 If the default "maxrepeats" is greater than "3", or its value is not set, or its value is set to "0", this is a finding. Check the "maxrepeats" setting for all users using: # lsuser -a maxrepeats ALL The above command should yield the following output: root maxrepeats=3 daemon maxrepeats=3 bin maxrepeats=3 sys maxrepeats=3 If the "maxrepeats" setting for any user is greater than "3", or its value is set to "0", this is a finding. |
| Fix Text (F-16428r294148_fix) |
|---|
| Use the "chsec" command to set "maxrepeats" to "3" for the default stanza: # chsec -f /etc/security/user -s default -a maxrepeats=3 Use the "chsec" command to set "maxrepeats" to "3" for all the users who have "maxrepeats" values that are greater than "3", or its value is set to "0": # chuser maxrepeats=3 [user_name] |