STIGQter: STIG Summary: HPE 3PAR StoreServ 3.2.x Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 28 Jul 2017:

The storage system must require passwords contain a minimum of 15 characters, after an administrator has set the minimum password length to that value.

DISA Rule

SV-85131r1_rule

Vulnerability Number

V-70509

Group Title

SRG-OS-000078-GPOS-00046

Rule Version

HP3P-32-001525

Severity

CAT II

CCI(s)

CCI-000205 - The information system enforces minimum password length.

Weight

Fix Recommendation

Configure the minimum password length for a value of "15" using the following command:

cli% setpassword -minlen 15

Note: You must have super-admin privileges to perform this action.

Check Contents

Verify that the minimum password length is set to a value of "15". Check the current password configuration:

cli% setpassword -minlen 15

If an error is reported, this is a finding.

Note: You must have super-admin privileges to perform this action.

Vulnerability Number

V-70509

Documentable

False

Rule Version

HP3P-32-001525

Severity Override Guidance

Check Content Reference

Target Key

3013

The storage system must require passwords contain a minimum of 15 characters, after an administrator has set the minimum password length to that value.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments