Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-27334 | SRG-NET-000154 | SV-34639r1_rule | Medium |
Description |
---|
Authorization for access to any network element requires an approved and assigned individual account identifier. To ensure only the assigned individual is using the account, the account holder must create a strong password that is privately maintained and changed based on the organization-defined frequency. A password must have an expiration date to limit the amount of time a compromised password can be used by a malicious user. |
STIG | Date |
---|---|
Network Security Requirements Guide | 2011-12-28 |
Check Text ( None ) |
---|
None |
Fix Text (None) |
---|
None |