Common Controls Hub
Users must not be able to change passwords more than once every 24 hours.
Setting the minimum password age protects against users cycling back to a favorite password after satisfying the password reuse requirement.
Red Hat Enterprise Linux 6 Security Technical Implementation Guide
Check Text ( C-19369r376679_chk )
To check the minimum password age, run the command:
$ grep PASS_MIN_DAYS /etc/login.defs
The DoD requirement is 1.
If it is not set to the required value, this is a finding.
Fix Text (F-19367r376680_fix)
To specify password minimum age for new accounts, edit the file "/etc/login.defs" and add or correct the following line, replacing [DAYS] appropriately:
A value of 1 day is considered sufficient for many environments. The DoD requirement is 1.