STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 1 hour ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to IBM Hardware Management Console (HMC) Security Technical Implementation Guide

V-256878

CAT II (Medium)

The PASSWORD History Count value must be set to 10 or greater.

Rule ID

SV-256878r998329_rule

STIG

IBM Hardware Management Console (HMC) Security Technical Implementation Guide

Version

V2R1

CCIs

CCI-004061

Discussion

History Count specifies the number of previous passwords saved for each USERID and compares it with an intended new password. If there is a match with one of the previous passwords, or with the current password, it will reject the intended new password. The improper setting of any of these fields, individually or in combination with another, can compromise the security of the processing environment.

Check Content

Have the system administrator (SA) display the Password Profile Task window on the Hardware Management Console and validate that the History Count is set to 10.

If the History Count is less than 10, then this is a finding.

Fix Text

Have the SA go into the Password Profile and set the History Count to 10 or greater.