Rule ID
SV-254211r982202_rule
Version
V1R2
CCIs
The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password length is one factor of several that helps to determine strength and how long it takes to crack a password. Use of more characters in a password helps to exponentially increase the time and/or resources required to compromise the password.
Confirm Nutanix AOS is configured to enforce a minimum 15 character password length. $ sudo grep minlen /etc/security/pwquality.conf minlen = 15 If the command does not return a "minlen" value of "15" or greater, this is a finding.
Configure the password minimum length requirement of 15 characters by running the following command: $ ncli cluster edit-cvm-security-params enable-high-strength-password=true