The operating system must enforce minimum password lifetime restrictions.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-28889 | SRG-OS-000075 | SV-36880r1_rule | Medium |
| Description |
|---|
| Passwords need to be changed at specific policy based intervals, however if the information system or application allows the user to immediately and continually change their password then the password could be repeatedly changed in a short period of time defeating the organization’s policy regarding password reuse. |
| STIG | Date |
|---|---|
| Operating System Security Requirements Guide | 2013-03-28 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (None) |
|---|
| None |