UCF STIG Viewer Logo

The operating system must enforce maximum password lifetime restrictions.


Overview

Finding ID Version Rule ID IA Controls Severity
V-28774 SRG-OS-000076 SV-36764r1_rule Medium
Description
Passwords need to be changed at specific policy based intervals. Any password no matter how complex can eventually be cracked. One method of minimizing this risk is to use complex passwords and periodically change them. If the operating system does not limit the lifetime of passwords and force users to change their passwords, there is the risk that system passwords could be compromised.
STIG Date
Operating System Security Requirements Guide 2013-03-28

Details

Check Text ( None )
None
Fix Text (None)
None