Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Users must be warned 14 days in advance of password expiration.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| RHEL-06-000054 | RHEL-06-000054 | RHEL-06-000054_rule | Low |
| Description |
|---|
| Setting the password warning age enables users to make the change at a practical time. |
| STIG | Date |
|---|---|
| Red Hat Enterprise Linux 6 Security Technical Implementation Guide | 2013-02-05 |
Details
| Check Text ( C-RHEL-06-000054_chk ) |
|---|
| To check the password warning age, run the command: $ grep PASS_WARN_AGE /etc/login.defs The DoD requirement is 7. If it is not set to the required value, this is a finding. |
| Fix Text (F-RHEL-06-000054_fix) |
|---|
| To specify how many days prior to password expiration that a warning will be issued to users, edit the file "/etc/login.defs" and add or correct the following line, replacing [DAYS] appropriately: PASS_WARN_AGE [DAYS] The DoD requirement is 7. |