STIGQter: STIG Summary: IBM AIX 7.x Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021

AIX must require the change of at least 50% of the total number of characters when passwords are changed.

DISA Rule

SV-215220r508663_rule

Vulnerability Number

V-215220

Group Title

SRG-OS-000072-GPOS-00040

Rule Version

AIX7-00-001123

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

From the command prompt, run the following command to set "mindiff=8" (assuming that the password is at least 15 characters long) for the default stanza in "/etc/security/user":
# chsec -f /etc/security/user -s default -a mindiff=8

For each user who has a "mindiff" value less than "8", set the "mindiff" value to "8" by running the following command from the command prompt:
# chsec -f /etc/security/user -s [user_name] -a mindiff=8

Check Contents

From the command prompt, run the following command to check the system default "mindiff" attribute value:
# lssec -f /etc/security/user -s default -a mindiff
default mindiff=8

If the default "mindiff" value is not set, or its value is less than "8", this is a finding.

From the command prompt, run the following command to check the "mindiff" attribute value for all accounts:
# lsuser -a mindiff ALL
root mindiff=9
user1 mindiff=8
user2 mindiff=8
user3 mindiff=10

If any user's "mindiff" value is less than "8", this is a finding.
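
The per-account check above can be scripted. The following is an added example, not part of the STIG text: it reads `lsuser -a mindiff ALL` output and lists accounts below the required value. The function names, the FINDING/REVIEW labels, and the choice to flag lines with no numeric "mindiff" field for manual review are assumptions of this example.

```sh
#!/bin/sh
# Minimum acceptable mindiff, taken from the check text above.
MINDIFF_REQUIRED=8

# Read `lsuser -a mindiff ALL` output on stdin and print one line per
# account that needs attention:
#   FINDING <user> mindiff=<n>   value is below the required minimum
#   REVIEW  <user>               no numeric mindiff field on the line
#                                (assumption: treat as "check by hand")
# Returns 0 when nothing is printed, 1 otherwise.
mindiff_findings() {
    awk -v min="$MINDIFF_REQUIRED" '
        NF == 0 { next }                       # skip blank lines
        {
            user = $1; val = ""
            for (i = 2; i <= NF; i++)
                if ($i ~ /^mindiff=/) val = substr($i, 9)
            if (val !~ /^[0-9]+$/) { print "REVIEW", user; bad = 1 }
            else if (val + 0 < min) { print "FINDING", user, "mindiff=" val; bad = 1 }
        }
        END { exit bad + 0 }
    '
}

# Constructed sample output (not from a real system) for running off-AIX.
sample_lsuser_output() {
    cat <<'EOF'
root mindiff=9
user1 mindiff=8
user2 mindiff=4
user3 mindiff=10
user4
EOF
}

# On AIX, audit the live accounts; elsewhere, fall back to the sample.
if command -v lsuser >/dev/null 2>&1; then
    lsuser -a mindiff ALL | mindiff_findings || echo "accounts above need attention"
else
    sample_lsuser_output | mindiff_findings || echo "accounts above need attention (constructed sample)"
fi
```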

Documentable

False

Severity Override Guidance

Check Content Reference

M

Target Key

4012

Comments