OL 8 must prevent the use of dictionary words for passwords.
An XCCDF Rule
Description
If OL 8 allows the user to select passwords based on dictionary words, this increases the chances of password compromise by increasing the opportunity for successful guesses and brute-force attacks.
- ID
- SV-248711r991587_rule
- Version
- OL08-00-020300
- Severity
- Medium
- References
- Updated
Remediation Templates
A Manual Procedure
Configure OL 8 to prevent the use of dictionary words for passwords.
Add or update the following line in the "/etc/security/pwquality.conf" file or a configuration file in the "/etc/security/pwquality.conf.d/" directory:
dictcheck=1
Remove any configurations that conflict with the above value.