OL07-00-010230 – The Oracle Linux operating system must be configured so that passwords for new users are restricted to a 24 hours/1 day minimum lifetime.

Details

Enforcing a minimum password lifetime helps to prevent repeated password changes to defeat the password reuse or history enforcement requirement. If users are allowed to immediately and continually change their password, the password could be repeatedly changed in a short period of time to defeat the organization’s policy regarding password reuse.

Solution

Configure the operating system to enforce 24 hours/1 day as the minimum password lifetime.

Add the following line in ‘/etc/login.defs’ (or modify the line to have the required value):

PASS_MIN_DAYS 1

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_7_V2R5_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Identification and Authentication.This control applies to the following type of system Unix.

References

800-53|IA-5(1)(d)
CAT|II
CCI|CCI-000198
Rule-ID|SV-221681r603260_rule
STIG-ID|OL07-00-010230
STIG-Legacy|SV-108205
STIG-Legacy|V-99101
Vuln-ID|V-221681

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles