The network element must obscure feedback of authentication information during the authentication process to protect the information from possible use by unauthorized individuals.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-27347	SRG-NET-000167	SV-34652r1_rule		Medium

Description
Authorization for access to any network element requires an approved and assigned individual account identifier. To ensure that only the assigned individual is using the account, the account holder must create a strong password that is privately maintained and changed based on the organization-defined frequency. During the authentication process, malicious users can gain knowledge of passwords during authentication process by sniffing local traffic between the network element and the authentication server or even walking by a user logging on and viewing what had been keyed in. It is imperative the network element prevents any form of authentication feedback that can be used to learn account passwords.

Description

Authorization for access to any network element requires an approved and assigned individual account identifier. To ensure that only the assigned individual is using the account, the account holder must create a strong password that is privately maintained and changed based on the organization-defined frequency. During the authentication process, malicious users can gain knowledge of passwords during authentication process by sniffing local traffic between the network element and the authentication server or even walking by a user logging on and viewing what had been keyed in. It is imperative the network element prevents any form of authentication feedback that can be used to learn account passwords.

STIG	Date
Network Security Requirements Guide	2011-12-28

Details

Check Text ( None )
None

Fix Text (None)
None