Thus, the FI should enforce strong password controls over users' access to applications and systems. Passwords represent the first line of defence, and if not implemented appropriately, they can be the weakest link in the organisation. (T26.2(3), FISC Security Guidelines on Computer Systems for Banking and Related Financial Institutions, 7th Edition) The organization should not allow users to use their previous two passwords. ¶ 1 (c), Guidelines for Reducing and Mitigating Hacking Risks Associated with Internet Trading) Minimum password complexity (ie, alphanumeric) and history (1.6.

RHEL-08-020220

Check Contents

Verify the operating system prohibits password reuse for a minimum of five generations.

Check for the value of the "remember" argument in "/etc/pam.d/system-auth" and "/etc/pam.d/password-auth" with the following command:

    $ sudo grep -i remember /etc/pam.d/system-auth /etc/pam.d/password-auth

    password required pam_pwhistory.so use_authtok remember=5 retry=3

If the line containing "pam_pwhistory.so" does not have the "remember" module argument set, is commented out, or the value of the "remember" module argument is set to less than "5", this is a finding.
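The three finding conditions in the check text (argument missing, line commented out, value below 5) can be evaluated mechanically instead of being read off the grep output. The script below is an added example, not part of the STIG or of this page's source; the function names `check_pwhistory`, `write_samples` and `demo` are hypothetical, and the sample PAM lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: evaluate the pam_pwhistory "remember" rule for one PAM file.
# check_pwhistory FILE [MIN] prints a verdict; returns 0 on pass, 1 on finding.
check_pwhistory() {
    file=$1; min=${2:-5}
    [ -r "$file" ] || { echo "finding: $file: not readable"; return 1; }
    awk -v min="$min" -v f="$file" '
        { sub(/#.*$/, "") }     # drop comments, so a commented-out line never counts
        tolower($1) ~ /^-?password$/ && /pam_pwhistory\.so/ {
            seen = 1; val = ""
            for (i = 3; i <= NF; i++)
                if ($i ~ /^remember=[0-9]+$/) val = substr($i, 10)
            if (val == "")          why = "remember not set"
            else if (val + 0 < min) why = "remember=" val " is below " min
        }
        END {
            if (!seen) why = "no active pam_pwhistory.so password line"
            if (why != "") { print "finding: " f ": " why; exit 1 }
            print "pass: " f
        }' "$file"
}

# Constructed sample file contents, one case per finding condition.
write_samples() {
    d=$1
    printf '%s\n' 'password required pam_pwhistory.so use_authtok remember=5 retry=3' > "$d/ok"
    printf '%s\n' 'password required pam_pwhistory.so use_authtok remember=2 retry=3' > "$d/low"
    printf '%s\n' '#password required pam_pwhistory.so use_authtok remember=5 retry=3' > "$d/commented"
    printf '%s\n' 'password required pam_pwhistory.so use_authtok retry=3' > "$d/unset"
}

# Run the check over the constructed samples and print each verdict.
demo() {
    d=$(mktemp -d) && write_samples "$d"
    for name in ok low commented unset; do check_pwhistory "$d/$name"; done
    rm -rf "$d"
}
```

On a real host, call `check_pwhistory` once for "/etc/pam.d/system-auth" and once for "/etc/pam.d/password-auth"; both must pass.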