Capacity
CCI-000198
The information system enforces minimum password lifetime restrictions.
28
Rule
Severity: Medium
Set Password Minimum Age
18
Rule
Severity: Medium
Set Existing Passwords Minimum Age
9
Rule
Severity: Medium
Set Existing Passwords Warning Age
1
Rule
Severity: Medium
AAA Services must be configured to enforce 24 hours as the minimum password lifetime.
1
Rule
Severity: Medium
Compliance Guardian must provide automated mechanisms for supporting account management functions.
2
Rule
Severity: Medium
The application must enforce 24 hours/1 day as the minimum password lifetime.
1
Rule
Severity: Low
The Central Log Server must be configured to enforce 24 hours/1 day as the minimum password lifetime.
1
Rule
Severity: Medium
The DBN-6300 must enforce 24 hours/1 day as the minimum password lifetime.
1
Rule
Severity: Medium
The HP FlexFabric Switch must enforce 24 hours/1 day as the minimum password lifetime.
1
Rule
Severity: Medium
IBM zVM CA VM:Secure product PASSWORD user exit must be in use.
2
Rule
Severity: Medium
The Jamf Pro EMM local accounts must be configured with password minimum lifetime of 24 hours.
1
Rule
Severity: Medium
The Mainframe Product must enforce 24 hours/1 day as the minimum password lifetime.
1
Rule
Severity: Medium
If SQL Server authentication, using passwords, is employed, SQL Server must enforce the DoD standards for password lifetime.
1
Rule
Severity: Medium
Nutanix AOS must enforce 24 hours/1 day as the minimum password lifetime.
1
Rule
Severity: Medium
Access to Prisma Cloud Compute must be managed based on user need and least privileged using external identity providers for authentication and grouping to role-based assignments when possible.
1
Rule
Severity: High
Innoslate must use multifactor authentication for network access to privileged and non-privileged accounts.
1
Rule
Severity: Medium
Tanium must enforce 24 hours/1 day as the minimum password lifetime.
1
Rule
Severity: Medium
The Tanium Operating System (TanOS) must enforce 24 hours/1 day as the maximum password lifetime.
1
Rule
Severity: Medium
The UEM server must enforce 24 hours/1 day as the minimum password lifetime.
3
Rule
Severity: Low
The Ubuntu operating system must enforce 24 hours/1 day as the minimum password lifetime. Passwords for new users must have a 24 hours/1 day minimum password lifetime restriction.
2
Rule
Severity: Medium
The macOS system must set minimum password lifetime to 24 hours.
1
Rule
Severity: Medium
The container platform must enforce 24 hours (one day) as the minimum password lifetime.
1
Rule
Severity: Medium
Operating systems must enforce 24 hours/1 day as the minimum password lifetime.
2
Rule
Severity: Medium
AIX Operating systems must enforce 24 hours/1 day as the minimum password lifetime.
1
Rule
Severity: Medium
The CA-TSS NEWPW control options must be properly set.
1
Rule
Severity: Medium
ACF2 PSWD GSO record value must be set to require 24 hours/1 day as the minimum password lifetime.
1
Rule
Severity: Medium
The IBM RACF SETROPTS PASSWORD(MINCHANGE) value must be set to 1.
6
Rule
Severity: Medium
The minimum password age must be configured to at least 1 day.
2
Rule
Severity: Medium
Windows Server 2016 minimum password age must be configured to at least one day.
3
Rule
Severity: Medium
Windows Server 2019 minimum password age must be configured to at least one day.
3
Rule
Severity: Medium
Windows Server 2022 minimum password age must be configured to at least one day.
2
Rule
Severity: Medium
The Oracle Linux operating system must be configured so that passwords for new users are restricted to a 24 hours/1 day minimum lifetime.
2
Rule
Severity: Medium
The Oracle Linux operating system must be configured so that passwords are restricted to a 24 hours/1 day minimum lifetime.
1
Rule
Severity: Medium
OL 8 passwords for new users or password changes must have a 24 hours/1 day minimum password lifetime restriction in "/etc/shadow".
1
Rule
Severity: Medium
OL 8 passwords for new users or password changes must have a 24 hours/1 day minimum password lifetime restriction in "/etc/login.defs".
2
Rule
Severity: High
OpenShift must use FIPS validated LDAP or OpenIDConnect.
1
Rule
Severity: Medium
The Red Hat Enterprise Linux operating system must be configured so that passwords for new users are restricted to a 24 hours/1 day minimum lifetime.
1
Rule
Severity: Medium
The Red Hat Enterprise Linux operating system must be configured so that passwords are restricted to a 24 hours/1 day minimum lifetime.
2
Rule
Severity: Medium
RHEL 8 passwords must have a 24 hours/1 day minimum password lifetime restriction in /etc/shadow.
2
Rule
Severity: Medium
RHEL 8 passwords for new users or password changes must have a 24 hours/1 day minimum password lifetime restriction in /etc/login.defs.
4
Rule
Severity: Medium
The SUSE operating system must be configured to create or update passwords with a minimum lifetime of 24 hours (one day).
4
Rule
Severity: Medium
The SUSE operating system must employ user passwords with a minimum lifetime of 24 hours (one day).
2
Rule
Severity: Medium
RHEL 9 passwords for new users or password changes must have a 24 hours minimum password lifetime restriction in /etc/login.defs.
2
Rule
Severity: Medium
RHEL 9 passwords must have a 24 hours minimum password lifetime restriction in /etc/shadow.
2
Rule
Severity: Medium
The operating system must enforce minimum password lifetime restrictions.
1
Rule
Severity: Medium
The VMM must enforce 24 hours/1 day as the minimum password lifetime.
1
Rule
Severity: Medium
The Photon operating system must be configured so that passwords for new users are restricted to a 24-hour minimum lifetime.
3
Rule
Severity: Medium
The Photon operating system must enforce one day as the minimum password lifetime.
1
Rule
Severity: Medium
The BIG-IP appliance must be configured to enforce 24 hours/1 day as the minimum password lifetime.
1
Rule
Severity: Medium
Ubuntu 22.04 LTS must enforce 24 hours/one day as the minimum password lifetime. Passwords for new users must have a 24 hours/one day minimum password lifetime restriction.
1
Rule
Severity: Medium
Dragos Platform must use an Identity Provider (IDP) for authentication and authorization processes.
1
Rule
Severity: Medium
MKE must be configured to integrate with an Enterprise Identity Provider.
1
Rule
Severity: Medium
Access to Prisma Cloud Compute must be managed based on user need and least privileged using external identity providers for authentication and grouping to role-based assignments when possible.
1
Rule
Severity: Medium
OL 8 passwords for new users or password changes must have a 24 hours/one day minimum password lifetime restriction in "/etc/shadow".
1
Rule
Severity: Medium
OL 8 passwords for new users or password changes must have a 24 hours/one day minimum password lifetime restriction in "/etc/login.defs".
1
Rule
Severity: Medium
SLEM 5 must employ user passwords with a minimum lifetime of 24 hours (one day).
1
Rule
Severity: Medium
SLEM 5 must be configured to create or update passwords with a minimum lifetime of 24 hours (one day).
1
Rule
Severity: Medium
The Tanium Operating System (TanOS) must enforce 24 hours/one day as the maximum password lifetime.
1
Rule
Severity: Medium
Tanium must enforce 24 hours/one day as the minimum password lifetime.
Patternfly
PatternFly elements
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Modules