The system must require passwords to contain no more than three consecutive repeating characters.

Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The system must require passwords to contain no more than three consecutive repeating characters.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-216331	SOL-11.1-040110	SV-216331r959010_rule		Low

Description
Complex passwords can reduce the likelihood of success of automated password-guessing attacks.

STIG	Date
Solaris 11 SPARC Security Technical Implementation Guide	2024-05-30

Details

Check Text ( C-17567r371081_chk )
Check the MAXREPEATS setting. # grep ^MAXREPEATS /etc/default/passwd If the MAXREPEATS setting is greater than 3, this is a finding.

Fix Text (F-17565r371082_fix)
The root role is required. # pfedit /etc/default/passwd Locate the line containing: MAXREPEATS Change the line to read: MAXREPEATS=3