Details
Password profiles that are weaker than the recommended minimum password complexity settings must not exist.
Rationale:
As password profiles override any ‘Minimum Password Complexity’ settings defined in the device, they generally should not exist. If these password profiles do exist, they should enforce stronger password policies than what is set in the ‘Minimum Password Complexity’ settings.
Solution
Navigate to Device > Password Profiles.
Ensure Password Profiles weaker than the recommended minimum password complexity settings do not exist.
Default Value:
Not configured
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Identification and Authentication.This control applies to the following type of system Palo_Alto.