Details

It is recommended not to reveal password fields.

Solution

Set the value of parameter disable_password_reveal in /etc/openstack-dashboard/local_settings.py to True

Supportive Information

The following resource is also helpful.

• http://docs.openstack.org/security-guide/dashboard/checklist.html

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.

References

• 800-53|CM-7.

Source

• Tenable.com/audits