Ensuring passwords have an uppercase character
Rule Title: RiOS must enforce password complexity by requiring that at least one uppercase character be used.
STIG ID: RICX-DM-000115
Rule ID: SV-77453r1_rule Severity: CAT II
Vuln ID: V-62963 Class: Unclass
Use of a complex passwords helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
Password complexity is one factor of several that determines how long it takes to crack a password. The more complex the password is, the greater the number of possible combinations that need to be tested before the password is compromised.
Verifying passwords have an uppercase character
Verify that RiOS is configured to enforce password complexity that requires at least one uppercase character.
1. Connect to the Management Console.
2. Choose Administration > Security: Password Policy to display the Password Policy page.
3. Verify that the Minimum Uppercase Characters is set to 1. If the Minimum Uppercase Characters is not set to 1, this is a security vulnerability finding.
Configuring passwords to have and uppercase character
Configure RiOS to enforce password complexity that requires at least one uppercase character.
1. Connect to the Management Console.
2. Choose Administration > Security: Password Policy to display the Password Policy page.
3. Specify the value of the Minimum Uppercase Characters text box to 1.
4. Click Apply.