STIGQter STIGQter: STIG Summary: Canonical Ubuntu 18.04 LTS Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The Ubuntu operating system must prevent the use of dictionary words for passwords.

DISA Rule

SV-219184r610963_rule

Vulnerability Number

V-219184

Group Title

SRG-OS-000480-GPOS-00225

Rule Version

UBTU-18-010113

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the Ubuntu operating system to prevent the use of dictionary words for passwords.

Add or update the following line in the "/etc/security/pwquality.conf" file to include the "dictcheck=1" parameter:

dictcheck=1

Check Contents

Verify that the Ubuntu operating system uses the cracklib library to prevent the use of dictionary words with the following command:

# grep dictcheck /etc/security/pwquality.conf

dictcheck=1

If the "dictcheck" parameter is not set to "1", or is commented out, this is a finding.

Vulnerability Number

V-219184

Documentable

False

Rule Version

UBTU-18-010113

Severity Override Guidance

Verify that the Ubuntu operating system uses the cracklib library to prevent the use of dictionary words with the following command:

# grep dictcheck /etc/security/pwquality.conf

dictcheck=1

If the "dictcheck" parameter is not set to "1", or is commented out, this is a finding.

Check Content Reference

M

Target Key

4055

Comments