Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Nutanix AOS must prevent the use of dictionary words for passwords.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-254192 | NUTX-OS-001050 | SV-254192r991587_rule | Medium |
| Description |
|---|
| If the operating system allows the user to select passwords based on dictionary words, then this increases the chances of password compromise by increasing the opportunity for successful guesses and brute-force attacks. |
| STIG | Date |
|---|---|
| Nutanix AOS 5.20.x OS Security Technical Implementation Guide | 2024-06-18 |
Details
| Check Text ( C-57677r846662_chk ) |
|---|
| Confirm Nutanix AOS prevents the use of dictionary words for passwords. Check the /etc/pam.d/password-auth file for pam_pwquality.so $ sudo grep pwquality.so /etc/pam.d/password-auth password requisite pam_pwquality.so try_first_pass local_users_only enforce_for_root retry=3 authtok_type= If the output does not contain "pam_pwquality.so" with the option of "required" or "requisite", this is a finding. |
| Fix Text (F-57628r846663_fix) |
|---|
| Configure Nutanix AOS to enforce the use of pam_pwquality.so by running the following command. $ sudo salt-call state.sls security/CVM/pamCVM |