Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Red Hat Enterprise Linux 8 Security Technical Implementation Guide
SRG-OS-000076-GPOS-00044
RHEL 8 user account passwords must be configured so that existing passwords are restricted to a 60-day maximum lifetime.
RHEL 8 user account passwords must be configured so that existing passwords are restricted to a 60-day maximum lifetime.
An XCCDF Rule
Details
Profiles
Prose
RHEL 8 user account passwords must be configured so that existing passwords are restricted to a 60-day maximum lifetime.
Medium Severity
<VulnDiscussion>Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed periodically. If RHEL 8 does not limit the lifetime of passwords and force users to change their passwords, there is the risk that RHEL 8 passwords could be compromised.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>