STIGQter STIGQter: STIG Summary: CA API Gateway NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 19 Sep 2016: If multifactor authentication is not supported and passwords must be used, the CA API Gateway must require that when a password is changed, the characters are changed in at least 8 of the positions within the password.

DISA Rule

SV-86157r1_rule

Vulnerability Number

V-71533

Group Title

SRG-APP-000170-NDM-000329

Rule Version

CAGW-DM-000170

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Set the password attribute "difok" field is set to "8" in the following files:

-- /etc/pam.d/password-auth
-- /etc/pam.d/password-auth-ac

Check Contents

Verify the password attribute "difok" field is set to "8" in the following files:

-- /etc/pam.d/password-auth
-- /etc/pam.d/password-auth-ac

If the password attribute "difok" field is not set to "8" in these files, this is a finding.

Vulnerability Number

V-71533

Documentable

False

Rule Version

CAGW-DM-000170

Severity Override Guidance

Verify the password attribute "difok" field is set to "8" in the following files:

-- /etc/pam.d/password-auth
-- /etc/pam.d/password-auth-ac

If the password attribute "difok" field is not set to "8" in these files, this is a finding.

Check Content Reference

M

Target Key

3051

Comments