UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The system must require passwords to contain at least one special character.


Overview

Finding ID Version Rule ID IA Controls Severity
V-47991 SOL-11.1-040100 SV-60863r1_rule Medium
Description
Complex passwords can reduce the likelihood of success of automated password-guessing attacks.
STIG Date
Solaris 11 SPARC Security Technical Implementation Guide 2017-01-05

Details

Check Text ( C-50427r1_chk )
Check the MINSPECIAL setting.

# grep ^MINSPECIAL /etc/default/passwd

If the MINSPECIAL setting is less than 1, this is a finding.
Fix Text (F-51603r1_fix)
The root role is required.
# pfedit /etc/default/passwd a

Locate the line containing:

MINSPECIAL

Change the line to read:

MINSPECIAL=1