STIGQter: STIG Summary: Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 Mar 2021:

The Ubuntu operating system must allow the use of a temporary password for system logons with an immediate change to a permanent password.

DISA Rule

SV-238361r654258_rule

Vulnerability Number

V-238361

Group Title

SRG-OS-000380-GPOS-00165

Rule Version

UBTU-20-010440

Severity

CAT II

CCI(s)

CCI-002041 - The information system allows the use of a temporary password for system logons with an immediate change to a permanent password.

Weight

Fix Recommendation

Create a policy that ensures when a user is created, it is created using a method that forces a user to change their password upon their next login.

Below are two examples of how to create a user account that requires the user to change their password upon their next login.

$ sudo chage -d 0 [UserName]

or

$ sudo passwd -e [UserName]

Check Contents

Verify a policy exists that ensures when a user account is created, it is created using a method that forces a user to change their password upon their next login.

If a policy does not exist, this is a finding.

Vulnerability Number

V-238361

Documentable

False

Rule Version

UBTU-20-010440

Severity Override Guidance

Check Content Reference

Target Key

5318

The Ubuntu operating system must allow the use of a temporary password for system logons with an immediate change to a permanent password.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments