STIGQter: STIG Summary: Red Hat Enterprise Linux 8 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 23 Apr 2021

RHEL 8 must prevent the use of dictionary words for passwords.

DISA Rule

SV-230377r627750_rule

Vulnerability Number

V-230377

Group Title

SRG-OS-000480-GPOS-00225

Rule Version

RHEL-08-020300

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure RHEL 8 to prevent the use of dictionary words for passwords.

Add or update the following line in the "/etc/security/pwquality.conf" file or a configuration file in the /etc/pwquality.conf.d/ directory to contain the "dictcheck" parameter:

dictcheck=1

Check Contents

Verify RHEL 8 prevents the use of dictionary words for passwords.

Determine if the field "dictcheck" is set in the "/etc/security/pwquality.conf" or "/etc/pwquality.conf.d/*.conf" files with the following command:

$ sudo grep dictcheck /etc/security/pwquality.conf /etc/pwquality.conf.d/*.conf

dictcheck=1

If the "dictcheck" parameter is not set to "1", or is commented out, this is a finding.
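
The grep command above also prints commented-out lines, so its output still has to be judged by eye. The shell functions below are an added example, not part of the STIG or of STIGQter; they apply the finding condition to the files passed as arguments. The function names, the constructed sample files, and the choice to treat any active value other than 1 as a finding are assumptions of this example.

```shell
#!/bin/sh
# Added example: evaluate the "dictcheck" finding condition for pwquality files.

# Print every active (uncommented) dictcheck value found in the given files.
dictcheck_values() {
    for f in "$@"; do
        [ -r "$f" ] || continue   # skip missing files and unmatched globs
        # Strip comments first, then match "dictcheck = N" with optional spaces.
        sed -n -e 's/#.*$//' \
            -e 's/^[[:space:]]*dictcheck[[:space:]]*=[[:space:]]*\([^[:space:]]*\)[[:space:]]*$/\1/p' "$f"
    done
}

# Return 0 when compliant, 1 when the result is a finding.
# Assumption: one active value other than 1 is a finding even if another
# file sets dictcheck=1, so conflicting settings are surfaced for review.
dictcheck_compliant() {
    values=$(dictcheck_values "$@")
    [ -n "$values" ] || return 1      # not set at all, or only commented out
    for v in $values; do
        [ "$v" = "1" ] || return 1
    done
    return 0
}

# Constructed sample files (not taken from a real system).
demo_dir=$(mktemp -d)
printf '# dictcheck=1\nminlen = 15\n' > "$demo_dir/commented.conf"
printf 'dictcheck = 1\n'              > "$demo_dir/good.conf"
printf 'dictcheck=0\n'                > "$demo_dir/bad.conf"

for name in commented good bad; do
    if dictcheck_compliant "$demo_dir/$name.conf"; then
        echo "$name.conf: not a finding"
    else
        echo "$name.conf: finding"
    fi
done
rm -rf "$demo_dir"
```

On a live system, pass the same paths the check names: dictcheck_compliant /etc/security/pwquality.conf /etc/pwquality.conf.d/*.conf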

Documentable

False

Severity Override Guidance

Verify RHEL 8 prevents the use of dictionary words for passwords.

Determine if the field "dictcheck" is set in the "/etc/security/pwquality.conf" or "/etc/pwquality.conf.d/*.conf" files with the following command:

$ sudo grep dictcheck /etc/security/pwquality.conf /etc/pwquality.conf.d/*.conf

dictcheck=1

If the "dictcheck" parameter is not set to "1", or is commented out, this is a finding.

Check Content Reference

M

Target Key

2921
