UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The system must require passwords to contain no more than three consecutive repeating characters.


Overview

Finding ID Version Rule ID IA Controls Severity
V-47993 SOL-11.1-040110 SV-60865r1_rule Low
Description
Complex passwords can reduce the likelihood of success of automated password-guessing attacks.
STIG Date
Solaris 11 SPARC Security Technical Implementation Guide 2017-01-05

Details

Check Text ( C-50429r1_chk )
Check the MAXREPEATS setting.

# grep ^MAXREPEATS /etc/default/passwd

If the MAXREPEATS setting is greater than 3, this is a finding.
Fix Text (F-51605r1_fix)
The root role is required.
# pfedit /etc/default/passwd

Locate the line containing:

MAXREPEATS

Change the line to read:

MAXREPEATS=3