CCI-000195 requires enforcing of the number of the characters changed when passwords are changed, password_require_diffchars rule meets this requirement
Signed-off-by: Willy Santos wsantos@redhat.com --- rhel6/src/input/system/accounts/pam.xml | 1 + 1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/rhel6/src/input/system/accounts/pam.xml b/rhel6/src/input/system/accounts/pam.xml index 0bf95ff..8236e6f 100644 --- a/rhel6/src/input/system/accounts/pam.xml +++ b/rhel6/src/input/system/accounts/pam.xml @@ -244,6 +244,7 @@ Note that passwords which are changed on compromised systems will still be compr <oval id="accounts_password_pam_cracklib_difok" value="var_password_pam_cracklib_difok"/> <ref nist="IA-5" /> </Rule> +<ident cci="CCI-000195" /> </Group> </Group>