| VID |
14081 |
| Severity |
30 |
| Port |
22 |
| Protocol |
TCP |
| Class |
LSC |
| Detailed Description |
Password minimum period is not set or less than 7 days in the host system. If password can change for in a short time, password can be exposed because of returning to previous password soon. It is recommanded that password minimum period be set to more than 7 days.
* Platforms Affected:
UNIX, Linux |
| Recommendation |
Set password minimum period as the following
*Linux
Open /etc/login.defs and set more than 7 at PASS_MIN_DAYS
PASS_MIN_DAYS 7
*Solaris
Open /etc/default/passwd and set more than 1 at MINWEEKS
MINWEEKS=1
*HP
Open /etc/default/security and set more than 7 at PASSWORD_MINDAYS
PASSWORD_MINDAYS=7
*AIX
Open /etc/security/user and set more than 1 at minage
minage=1 |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
