STIGQter STIGQter: STIG Summary: SLES 12 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The SUSE operating system must be configured to create or update passwords with a minimum lifetime of 24 hours (one day).

DISA Rule

SV-217128r646695_rule

Vulnerability Number

V-217128

Group Title

SRG-OS-000075-GPOS-00043

Rule Version

SLES-12-010260

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the SUSE operating system to enforce 24 hours/one day or greater as the minimum password age.

Edit the file "/etc/login.defs" and add or correct the following line. Replace [DAYS] with the appropriate amount of days:

PASS_MIN_DAYS [DAYS]

The DoD requirement is "1" but a greater value is acceptable.

Check Contents

Verify the SUSE operating system to create or update passwords with minimum password age of one day or greater.

Check that the SUSE operating system enforces 24 hours/one day as the minimum password age, run the following command:

> grep '^PASS_MIN_DAYS' /etc/login.defs

PASS_MIN_DAYS 1

If no output is produced, or if "PASS_MIN_DAYS" does not have a value of "1" or greater, this is a finding.

Vulnerability Number

V-217128

Documentable

False

Rule Version

SLES-12-010260

Severity Override Guidance

Verify the SUSE operating system to create or update passwords with minimum password age of one day or greater.

Check that the SUSE operating system enforces 24 hours/one day as the minimum password age, run the following command:

> grep '^PASS_MIN_DAYS' /etc/login.defs

PASS_MIN_DAYS 1

If no output is produced, or if "PASS_MIN_DAYS" does not have a value of "1" or greater, this is a finding.

Check Content Reference

M

Target Key

4033

Comments