STIGQter STIGQter: STIG Summary: DBN-6300 NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 12 Sep 2017:

If multifactor authentication is not supported and passwords must be used, the DBN-6300 must enforce password complexity by requiring that at least one special character be used.

DISA Rule

SV-91665r1_rule

Vulnerability Number

V-76969

Group Title

SRG-APP-000169-NDM-000257

Rule Version

DBNW-DM-000060

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Set the password-complexity variable within the DBN-6300 through the CLI.

This value is set with the following registry entry in the CLI:
reg set /sysconfig/auth/01 {"stores": {"local": {"policies": {"passwordQuality": {"owasp": {"enable": true,"allowPassphrases": false }}}}}}

Check Contents

To see if the system requires password complexity attempt to change your password to a non-conforming password.

If the user is able to change their password without meeting the requirement, this is a finding.

Vulnerability Number

V-76969

Documentable

False

Rule Version

DBNW-DM-000060

Severity Override Guidance

To see if the system requires password complexity attempt to change your password to a non-conforming password.

If the user is able to change their password without meeting the requirement, this is a finding.

Check Content Reference

M

Target Key

2947

Comments