TOC & Recently Viewed

Recently Viewed Topics

min_password_length

This built-in check ensures that the minimum password length enforced on the remote system is in the range <min>..<max>. Having a minimum password length forces users to choose more complex passwords.

Operating System

Implementation

Linux

The minimum password length is defined as PASS_MIN_LEN in /etc/login.defs.

Solaris

The minimum password length is defined as PASSLENGTH in /etc/default/passwd.

Note: This also controls the password maximum length.

HP-UX

The minimum password length is defined as MIN_PASSWORD_LENGTH in /etc/default/security.

Mac OS X

The minimum password length is defined as “minChar” in the local policy, defined using the command pwpolicy.

Usage

<item>

name: "min_password_length"

description: "This check examines the system configuration for the minimum password length that the passwd program will accept. The check reports a problem if the minimum length is less than the length specified in your policy."

except: "user1" | "user2" (list of users to be excluded)

value: "<min>..<max>"

</item>

Example

<item>

name: "min_password_length"

description: "Make sure that each password has a minimum length of 6 chars or more"

value: "6..65535"

</item>

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.