Skip to content

I - Mission Critical Public

Rules and Groups employed by this XCCDF Profile

  • The network device must be configured to verify when users create or update passwords, that the passwords are not found on the list of commonly-used, expected, or compromised passwords in IA-5 (1) (a) for password-based authentication.

    <VulnDiscussion>Password-based authentication applies to passwords regardless of whether they are used in single-factor or multifactor authen...
    Rule Medium Severity
  • SRG-APP-000855

    <GroupDescription></GroupDescription>
    Group
  • The network device must be configured to require immediate selection of a new password upon account recovery for password-based authentication.

    &lt;VulnDiscussion&gt;Password-based authentication applies to passwords regardless of whether they are used in single-factor or multifactor authen...
    Rule Medium Severity
  • SRG-APP-000860

    <GroupDescription></GroupDescription>
    Group
  • The network device must be configured to allow user selection of long passwords and passphrases, including spaces and all printable characters for password-based authentication.

    &lt;VulnDiscussion&gt;Password-based authentication applies to passwords regardless of whether they are used in single-factor or multifactor authen...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules