IBM Aspera Console passwords must be prohibited from reuse for a minimum of five generations.

An XCCDF Rule

Description

<VulnDiscussion>Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. If the information system or application allows the user to reuse their password consecutively when that password has exceeded its defined lifetime, the end result is a password that is not changed per policy requirements.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-252567r817871_rule
Severity: Medium
References: CCI-000200
Updated: about 1 year ago

Configure IBM Aspera Console passwords to be prohibited from reuse for a minimum of five generations: 

- Log in to the IBM Aspera Console web page as a user with administrative privilege. 
- Select the "Configuration" tab.
- Select the "Defaults" tab.
- Scroll down to the "Console Password Options" section.- Put a check in the "Password Expiration" check box.
- Edit the "Password Reuse Limit" option to "5" or more.
 Note: "0" disables the "Password Reuse Limit" option.
- Select "Save" at the bottom of the page.

IBM Aspera Console passwords must be prohibited from reuse for a minimum of five generations.

Description

Remediation - Manual Procedure