STIGQter: STIG Summary: Solaris 10 SPARC Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:

The system must require at least eight characters be changed between the old and new passwords during a password change.

DISA Rule

SV-226467r603265_rule

Vulnerability Number

V-226467

Group Title

SRG-OS-000072

Rule Version

GEN000750

Severity

CAT II

CCI(s)

CCI-000195 - The information system, for password-based authentication, when new passwords are created, enforces that at least an organization-defined number of characters are changed.

Weight

Fix Recommendation

Edit /etc/default/passwd and set or add a MINDIFF setting equal to or greater than 8.

Check Contents

Check /etc/default/passwd to verify the MINDIFF setting.

# grep MINDIFF /etc/default/passwd

If the setting is not present, or is less than 8, this is a finding.

Vulnerability Number

V-226467

Documentable

False

Rule Version

GEN000750

Severity Override Guidance

Check /etc/default/passwd to verify the MINDIFF setting.

# grep MINDIFF /etc/default/passwd

If the setting is not present, or is less than 8, this is a finding.

Check Content Reference

Target Key

4060

The system must require at least eight characters be changed between the old and new passwords during a password change.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments