UCF STIG Viewer Logo

The system must require passwords to contain no more than three consecutive repeating characters.


Overview

Finding ID Version Rule ID IA Controls Severity
V-216096 SOL-11.1-040110 SV-216096r603268_rule Low
Description
Complex passwords can reduce the likelihood of success of automated password-guessing attacks.
STIG Date
Solaris 11 X86 Security Technical Implementation Guide 2021-11-23

Details

Check Text ( C-17334r372670_chk )
Check the MAXREPEATS setting.

# grep ^MAXREPEATS /etc/default/passwd

If the MAXREPEATS setting is greater than 3, this is a finding.
Fix Text (F-17332r372671_fix)
The root role is required.
# pfedit /etc/default/passwd

Locate the line containing:

MAXREPEATS

Change the line to read:

MAXREPEATS=3