The HYCU virtual appliance must enforce a minimum 15-character password length.

Quick Actions

We are continuing to improve Stigviewer and we are planning on rolling out new services in the near future. Would you like to be part of the conversation on what those features should be? If so, click here.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-268266	HYCU-ND-000580	SV-268266r1038758_rule		Medium

Description

Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password length is one factor of several that helps to determine strength and how long it takes to crack a password. The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised. Use of more characters in a password helps to exponentially increase the time and/or resources required to compromise the password.

STIG	Date
HYCU Protege Security Technical Implementation Guide	2024-10-29

Details

Check Text (C-72287r1038496_chk)

Check for the value of the "minlen" option in "/etc/security/pwquality.conf" with the following command:
grep minlen /etc/security/pwquality.conf

If the minlen value is not set to "15", this is a finding.

Check for the value of the "user.password.min.length" variable in "/opt/grizzly/config.properties" HYCU configuration file with the following command:
grep user.password.min.length /opt/grizzly/config.properties

If the value is not set to 15 or more, this is a finding.

Fix Text (F-72190r1038757_fix)

Add the following line to "/etc/security/pwquality.conf" (or modify the line to have the required value).
minlen = 15

Add or modify the following line in the /opt/grizzly/config.properties configuration file:
user.password.min.length=15

Reload the HYCU application by running the following command:
sudo systemctl reload grizzly

STIG VIEWER