Ensuring secure passwords
Rule Title: RiOS must enable the password authentication control policy to ensure password complexity controls and other password policy requirements are enforced.
STIG ID: RICX-DM-000091
Rule ID: SV-77431r1_rule Severity: CAT II
Vuln ID: V-62941 Class: Unclass
Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
Verifying passwords are secured
Verify authentication policy is enabled.
1. Connect to the Management Console.
2. Choose Administration > Security: Password Policy to display the Password Policy page.
3. Verify the Enable Account Control check box is selected. If the check box is selected, this is a security vulnerability finding.
Configuring a password policy
Enable RiOS authentication policy.
1. Connect to the Management Console.
2. Choose Administration > Security: Password Policy to display the Password Policy page.
3. Select the Enable Account Control check box.
4. Set the user account values.
5. Click Apply.