Users may have an easy-to-remember password that they are likely to use. However, it is not advisable to have the same password for more number of days as attackers can easily target such user accounts. To prevent this, you can enforce end users to change their system password every 90 days. The PASS_MAX_DAYS parameter in /etc/login.defs allows an administrator to force passwords to expire once they reach a defined age. Fixing this misconfiguration ensures the PASS_MAX_DAYS parameter is set to 90 days and will change maximum days for existing misconfigured users.
Severity
important
Category
Linux - Password Policies
Resolution
Fix not available
Potential issues that may arise after applying the resolution
Altering the existing security setting may create the following impact in your network operations.
Does remediation require reboot?
No
Vulnerability Manager Plus tracks security configurations and remediate misconfigurations in your network systems from a centralized console. View a list of all the security misconfigurations detected by Vulnerability Manager Plus.
