Default passwords must be changed.

An XCCDF Rule

Description

Default passwords can easily be compromised by attackers allowing immediate access to the applications.

ID: SV-222662r961863_rule
Version: APSC-DV-003280
Severity: High
References: CCI-003109
Updated: about 2 months ago

Remediation Templates

Configure the application to use strong authenticators instead of passwords when possible. Otherwise, change default passwords to a DoD-approved strength password and follow all guidance for passwords.