RHEL 9 must ensure the password complexity module is enabled in the system-auth file.

An XCCDF Rule

Details
Profiles
Prose

Description

<VulnDiscussion>Enabling PAM password complexity permits enforcement of strong passwords and consequently makes the system less prone to dictionary attacks.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-258098r1014887_rule
Severity: Medium
References: CCI-000366
Updated: 17 days ago

Configure RHEL 9 to use "pwquality" to enforce password complexity rules.

Add the following line to the "/etc/pam.d/system-auth" file(or modify the line to have the required value):

password required pam_pwquality.so

RHEL 9 must ensure the password complexity module is enabled in the system-auth file.

Description

Remediation - Manual Procedure