Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The operating system must enforce the number of characters changed when passwords are changed.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-28885 | SRG-OS-000072 | SV-36876r1_rule | Medium |
| Description |
|---|
| Passwords need to be changed at specific policy based intervals. If the operating system allows the user to consecutively reuse extensive portions of their password when they change their password, the end result is a password that may be compromised if the old password was known or guessable. |
| STIG | Date |
|---|---|
| Operating System Security Requirements Guide | 2013-03-28 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (None) |
|---|
| None |