File tree Expand file tree Collapse file tree 1 file changed +3
-3
lines changed Expand file tree Collapse file tree 1 file changed +3
-3
lines changed Original file line number Diff line number Diff line change @@ -518,7 +518,7 @@ checks:
518518 darwin :
519519 # Check for weak password length (less than 8 characters per NIST SP 800-63B)
520520 - output : pwpolicy getaccountpolicies
521- includes : " \\ .\\ { [1-7], \\ } |<dict/>|does not exist"
521+ includes : " com \\ .apple \\ .policy \\ .legacy \\ .minChars.*minimumLength.*<integer>( [1-7])</integer> |<dict/>|does not exist"
522522 remediation :
523523 - Set minimum password length to at least 8 characters (NIST SP 800-63B)
524524 - " Run: sudo pwpolicy -n /Local/Default -setglobalpolicy 'minChars=8'"
@@ -537,13 +537,13 @@ checks:
537537 - Configure minimum length in /etc/security/pwquality.conf with 'minlen=8'
538538 - Do NOT set complexity requirements per NIST SP 800-63B
539539 - file : /etc/login.defs
540- includes : " PASS_MIN_LEN.* [0-7]([^0-9]|$)"
540+ includes : " PASS_MIN_LEN\s + [0-7]([^0-9]|$)"
541541 remediation :
542542 - Set PASS_MIN_LEN to at least 8 in /etc/login.defs
543543 - Do NOT enforce password aging or complexity per NIST guidelines
544544 windows :
545545 - output : net accounts
546- includes : " Minimum password length. *[0-7]([^0-9]|$)"
546+ includes : " Minimum password length\s *: \s *[0-7]([^0-9]|$)"
547547 remediation :
548548 - " Set minimum password length to 8: 'net accounts /minpwlen:8'"
549549 - Or configure via Group Policy Editor (gpedit.msc)
You can’t perform that action at this time.
0 commit comments