The system must establish a password policy for password complexity.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-OS-99999-ESXI5-000148-PNF | SRG-OS-99999-ESXI5-000148-PNF | SRG-OS-99999-ESXI5-000148-PNF_rule | Medium |
| Description |
|---|
| ESXi uses the pam_passwdqc.so plug-in to set rules that users must observe when creating passwords and to check password strength. Passwords that are not easily guessed and that are difficult for password generators to determine must be used. PNF - This requirement duplicates (in less granular form) and is already satisfied by "other", more granular STIG requirements. |
| STIG | Date |
|---|---|
| VMware ESXi v5 Security Technical Implementation Guide | 2013-01-15 |
Details
| Check Text ( C-SRG-OS-99999-ESXI5-000148-PNF_chk ) |
|---|
| ESXi supports this requirement and cannot be configured to be out of compliance. This is a permanent not a finding. |
| Fix Text (F-SRG-OS-99999-ESXI5-000148-PNF_fix) |
|---|
| This requirement is permanent not a finding. No fix is required. |