The vCenter Server must configure the "vpxuser" password to meet length policy.

Severity	Group ID	Group Title	Version	Rule ID	Date	STIG Version
medium	V-258943	SRG-APP-000516	VCSA-80-000276	SV-258943r961863_rule	2024-12-16	2

Description
The "vpxuser" password default length is 32 characters. Ensure this setting meets site policies; if not, configure to meet password length policies. Longer passwords make brute-force password attacks more difficult. The "vpxuser" password is added by vCenter, meaning no manual intervention is normally required. The "vpxuser" password length must never be modified to less than the default length of 32 characters.

Description

The "vpxuser" password default length is 32 characters. Ensure this setting meets site policies; if not, configure to meet password length policies. Longer passwords make brute-force password attacks more difficult. The "vpxuser" password is added by vCenter, meaning no manual intervention is normally required. The "vpxuser" password length must never be modified to less than the default length of 32 characters.

ℹ️ Check
From the vSphere Client, go to Host and Clusters. Select a vCenter Server >> Configure >> Settings >> Advanced Settings. Verify that "config.vpxd.hostPasswordLength" is set to "32". or From a PowerCLI command prompt while connected to the vCenter server, run the following command: Get-AdvancedSetting -Entity <vcenter server name> -Name config.vpxd.hostPasswordLength and verify it is set to 32. If the "config.vpxd.hostPasswordLength" is set to a value other than "32, this is a finding. If the setting does not exist, this is not a finding.

ℹ️ Check

From the vSphere Client, go to Host and Clusters. Select a vCenter Server >> Configure >> Settings >> Advanced Settings. Verify that "config.vpxd.hostPasswordLength" is set to "32". or From a PowerCLI command prompt while connected to the vCenter server, run the following command: Get-AdvancedSetting -Entity <vcenter server name> -Name config.vpxd.hostPasswordLength and verify it is set to 32. If the "config.vpxd.hostPasswordLength" is set to a value other than "32, this is a finding. If the setting does not exist, this is not a finding.

✔️ Fix
From the vSphere Client, go to Host and Clusters. Select a vCenter Server >> Configure >> Settings >> Advanced Settings. Click "Edit Settings" and configure the "config.vpxd.hostPasswordLength" value to "32". or From a PowerCLI command prompt while connected to the vCenter server, run the following command: Get-AdvancedSetting -Entity <vcenter server name> -Name config.vpxd.hostPasswordLength \| Set-AdvancedSetting -Value 32

✔️ Fix

From the vSphere Client, go to Host and Clusters. Select a vCenter Server >> Configure >> Settings >> Advanced Settings. Click "Edit Settings" and configure the "config.vpxd.hostPasswordLength" value to "32". or From a PowerCLI command prompt while connected to the vCenter server, run the following command: Get-AdvancedSetting -Entity <vcenter server name> -Name config.vpxd.hostPasswordLength | Set-AdvancedSetting -Value 32