Skip to content
ATO Pathways
  Log In

CCI-004063

For password-based authentication, require immediate selection of a new password upon account recovery.

Logo
1

Rule

Severity: Medium
For password-based authentication, AAA Services must be configured to require immediate selection of a new password upon account recovery.
Logo
1

Rule

Severity: Medium
The Central Log Server must for password-based authentication, require immediate selection of a new password upon account recovery.
Logo
1

Rule

Severity: Medium
The Cisco ISE must be configured to use an external authentication server to authenticate administrators prior to granting administrative access.
Logo
1

Rule

Severity: Medium
The container platform must for password-based authentication, require immediate selection of a new password upon account recovery.
Logo
1

Rule

Severity: Medium
The DBMS must, for password-based authentication, require immediate selection of a new password upon account recovery.
Logo
1

Rule

Severity: Medium
The DNS server implementation must, for password-based authentication, require immediate selection of a new password upon account recovery.
Logo
1

Rule

Severity: Medium
Forescout must be configured to use an authentication server for the purpose of authenticating users prior to granting administrative access.
Logo
1

Rule

Severity: Medium
The operating system must for password-based authentication, require immediate selection of a new password upon account recovery.
Logo
1

Rule

Severity: Medium
CA-TSS ACID creation must use the EXP option.
Logo
1

Rule

Severity: High
The ICS must be configured to prevent nonprivileged users from executing privileged functions.
Logo
1

Rule

Severity: High
The Juniper EX switch must be configured to use an authentication server for the purpose of authenticating users prior to granting administrative access.
Logo
1

Rule

Severity: Medium
The Juniper SRX Services Gateway must be configured to use an authentication server to centrally manage authentication and logon settings for remote and nonlocal access.
Logo
1

Rule

Severity: Medium
The Mainframe Product must, for password-based authentication, require immediate selection of a new password upon account recovery.
Logo
1

Rule

Severity: Medium
The network device must be configured to require immediate selection of a new password upon account recovery for password-based authentication.
Logo
1

Rule

Severity: High
The TippingPoint SMS must be configured to use an authentication server for the purpose of authenticating users prior to granting administrative access and to enforce access restrictions.
Logo
1

Rule

Severity: Medium
The VMM must for password-based authentication, require immediate selection of a new password upon account recovery.
Logo
1

Rule

Severity: Medium
The web server must, for password-based authentication, require immediate selection of a new password upon account recovery.

Patternfly

PatternFly elements

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules