Details

Enforces the Enterprise Password Policy by setting compliant local password requirements for the security appliance

Rationale:

The password policy helps to prevent unauthorized accesses by enforcing the password for more complexity and making them difficult to be guessed. This applies to the local database.

Solution

Run the following to set the password minimum length, to be greater than or equal to 14

>configure user minpasswdlen

Supportive Information

The following resource is also helpful.

• https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-config-guide-v623.html

This security hardening control applies to the following category of controls within NIST 800-53: Identification and Authentication.This control applies to the following type of system Cisco.

References

• 800-53|IA-5(1)

Source

• Tenable.com/audits