CA-ACF2 must prevent the use of dictionary words for passwords.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-223477 | SRG-OS-000480-GPOS-00225 | ACF2-ES-000590 | SV-223477r1001097_rule | 2025-03-11 | 9 |
| Description |
|---|
| If the operating system allows the user to select passwords based on dictionary words, then this increases the chances of password compromise by increasing the opportunity for successful guesses and brute-force attacks. |
| ℹ️ Check |
|---|
| From the ISPF Command Shell enter: ACF to enter ACF2 Command shell enter SHOW STATE If "PSWDRSV = NO", this is a finding. If "PSWDRSVW = NO", this is a finding. SHOW PSwdopts Reserved Words and Prefixes APPL APR ASDF AUG BASIC CADAM DEC DEMO FEB FOCUS GAME IBM JAN JUL JUN LOG MAR MAY NET NEW NOV OCT PASS ROS SEP SIGN SYS TEST TSO VALID VTAM XXX 1234 |
| ✔️ Fix |
|---|
| Configure the GSO record to include PSWDRSV and PSWDRSVW. |