UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The vCenter Server must configure the "vpxuser" password to meet length policy.


Overview

Finding ID Version Rule ID IA Controls Severity
V-256356 VCSA-70-000276 SV-256356r885679_rule Medium
Description
The "vpxuser" password default length is 32 characters. Ensure this setting meets site policies; if not, configure to meet password length policies. Longer passwords make brute-force password attacks more difficult. The "vpxuser" password is added by vCenter, meaning no manual intervention is normally required. The "vpxuser" password length must never be modified to less than the default length of 32 characters.
STIG Date
VMware vSphere 7.0 vCenter Security Technical Implementation Guide 2023-12-21

Details

Check Text ( C-60031r885677_chk )
From the vSphere Client, go to Host and Clusters.

Select a vCenter Server >> Configure >> Settings >> Advanced Settings.

Verify "config.vpxd.hostPasswordLength" is set to "32".

or

From a PowerCLI command prompt while connected to the vCenter server, run the following command:

Get-AdvancedSetting -Entity -Name config.vpxd.hostPasswordLength and verify it is set to 32.

If the "config.vpxd.hostPasswordLength" is set to a value other than "32", this is a finding.

If the setting does not exist, this is not a finding.
Fix Text (F-59974r885678_fix)
From the vSphere Client, go to Host and Clusters.

Select a vCenter Server >> Configure >> Settings >> Advanced Settings.

Click "Edit Settings" and configure the "config.vpxd.hostPasswordLength" value to "32".

or

From a PowerCLI command prompt while connected to the vCenter server, run the following command:

Get-AdvancedSetting -Entity -Name config.vpxd.hostPasswordLength | Set-AdvancedSetting -Value 32