The Juniper SRX Services Gateway must use the SHA256 or later protocol for password authentication for local accounts using password authentication (i.e., the root account and the account of last resort).

An XCCDF Rule

Details
Profiles

Description

Passwords must be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised.

ID: SV-223223r1056174_rule
Version: JUSX-DM-000136
Severity: High
References: CCI-000197
Updated: 6 days ago

Remediation Templates

Enter the following example command from the configuration mode.
 
[edit]
set system login password format sha256

The Juniper SRX Services Gateway must use the SHA256 or later protocol for password authentication for local accounts using password authentication (i.e., the root account and the account of last resort).

Description

Remediation Templates

A Manual Procedure