Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Users must not be able to change passwords more than once every 24 hours.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-38477 | RHEL-06-000051 | SV-50277r1_rule | Medium |
| Description |
|---|
| Setting the minimum password age protects against users cycling back to a favorite password after satisfying the password reuse requirement. |
| STIG | Date |
|---|---|
| Red Hat Enterprise Linux 6 Security Technical Implementation Guide | 2017-04-28 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (F-43422r1_fix) |
|---|
| To specify password minimum age for new accounts, edit the file "/etc/login.defs" and add or correct the following line, replacing [DAYS] appropriately: PASS_MIN_DAYS [DAYS] A value of 1 day is considered sufficient for many environments. The DoD requirement is 1. |