STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 5 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Palo Alto Networks NDM Security Technical Implementation Guide

V-228675

CAT II (Medium)

The Palo Alto Networks security platform must not use Password Profiles.

Rule ID

SV-228675r961863_rule

STIG

Palo Alto Networks NDM Security Technical Implementation Guide

Version

V3R3

CCIs

CCI-000366

Discussion

Password profiles override settings made in the Minimum Password Complexity window. If Password Profiles are used they can bypass password complexity requirements.

Check Content

Go to Device >> Password Profiles
If there are configured Password Profiles, this is a finding.

Fix Text

Go to Device >> Password Profiles
If the screen is blank (no configured Password Profiles), do nothing.

If there are configured Password Profiles, identify which accounts are using them and bring this to the attention of the ISSO immediately.
Delete the Password Profiles when authorized to make changes to the device in accordance with local change management policies.