| SLES-12-010220 |
V2R11 |
The SUSE operating system must employ FIPS 140-2-approved cryptographic hashing algorithms for all stored passwords. |
|
| SLES-12-010230 |
V2R11 |
The SUSE operating system must configure the Linux Pluggable Authentication Modules (PAM) to only store encrypted representations of passwords. |
|
| SLES-12-010240 |
V2R11 |
The SUSE operating system must employ FIPS 140-2-approved cryptographic hashing algorithms for all stored passwords. |
|
| RHEL-08-010110 |
V1R3 |
RHEL 8 must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm. |
|
| RHEL-08-010120 |
V1R3 |
RHEL 8 must employ FIPS 140-2 approved cryptographic hashing algorithms for all stored passwords. |
|
| RHEL-08-010130 |
V1R3 |
The RHEL 8 password-auth file must be configured to use a sufficient number of hashing rounds. |
|
| RHEL-08-010131 |
V1R3 |
The RHEL 8 system-auth file must be configured to use a sufficient number of hashing rounds. |
|
| SLES-15-020170 |
V1R12 |
The SUSE operating system must configure the Linux Pluggable Authentication Modules (PAM) to only store encrypted representations of passwords. |
|
| SLES-15-020180 |
V1R12 |
The SUSE operating system must employ FIPS 140-2-approved cryptographic hashing algorithms for all stored passwords. |
|
| SLES-15-020190 |
V1R12 |
The SUSE operating system must employ FIPS 140-2-approved cryptographic hashing algorithms for all stored passwords. |
|
| WN11-AC-000045 |
V2R2 |
Reversible password encryption must be disabled. |
|
| WN11-SO-000195 |
V2R2 |
The system must be configured to prevent the storage of the LAN Manager hash of passwords. |
|
| WN10-AC-000045 |
V3R2 |
Reversible password encryption must be disabled. |
|
| WN10-SO-000195 |
V3R2 |
The system must be configured to prevent the storage of the LAN Manager hash of passwords. |
|
| WN19-AC-000090 |
V3R2 |
Windows Server 2019 reversible password encryption must be disabled. |
|
| WN19-SO-000300 |
V3R2 |
Windows Server 2019 must be configured to prevent the storage of the LAN Manager hash of passwords. |
|
| UBTU-22-611055 |
V2R2 |
Ubuntu 22.04 LTS must store only encrypted representations of passwords. |
|
| WN16-AC-000090 |
V2R7 |
Windows Server 2016 reversible password encryption must be disabled. |
|
| WN16-SO-000360 |
V2R7 |
Windows Server 2016 must be configured to prevent the storage of the LAN Manager hash of passwords. |
|
| WN22-AC-000090 |
V1R4 |
Windows Server 2022 reversible password encryption must be disabled. |
|
| WN22-SO-000300 |
V1R4 |
Windows Server 2022 must be configured to prevent the storage of the LAN Manager hash of passwords. |
|
| RHEL-07-010200 |
V3R6 |
The Red Hat Enterprise Linux operating system must be configured so that the PAM system service is configured to store only encrypted representations of passwords. |
|
| RHEL-07-010210 |
V3R6 |
The Red Hat Enterprise Linux operating system must be configured to use the shadow file to store only encrypted representations of passwords. |
|
| RHEL-07-010220 |
V3R6 |
The Red Hat Enterprise Linux operating system must be configured so that user and group account administration utilities are configured to store only encrypted representations of passwords. |
|
| RHEL-09-611050 |
V1R3 |
RHEL 9 password-auth must be configured to use a sufficient number of hashing rounds. |
|
| RHEL-09-611055 |
V1R3 |
RHEL 9 system-auth must be configured to use a sufficient number of hashing rounds. |
|
| RHEL-09-611135 |
V1R3 |
RHEL 9 must be configured so that user and group account administration utilities are configured to store only encrypted representations of passwords. |
|
| RHEL-09-611140 |
V1R3 |
RHEL 9 must be configured to use the shadow file to store only encrypted representations of passwords. |
|
| RHEL-09-611150 |
V1R3 |
RHEL 9 shadow password suite must be configured to use a sufficient number of hashing rounds. |
|
| RHEL-09-671015 |
V1R3 |
RHEL 9 must employ FIPS 140-3 approved cryptographic hashing algorithms for all stored passwords. |
|
| RHEL-09-671025 |
V1R3 |
RHEL 9 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-3 approved cryptographic hashing algorithm for system authentication. |
|
| OL08-00-010110 |
V1R3 |
OL 8 must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm. |
|
| OL08-00-010120 |
V1R3 |
OL 8 must employ FIPS 140-2 approved cryptographic hashing algorithms for all stored passwords. |
|
| OL08-00-010130 |
V1R3 |
The OL 8 shadow password suite must be configured to use a sufficient number of hashing rounds. |
|
| UBTU-18-010104 |
V2R11 |
The Ubuntu operating system must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm. |
|
| OL07-00-010200 |
V2R11 |
The Oracle Linux operating system must be configured so that the PAM system service is configured to store only encrypted representations of passwords. |
|
| OL07-00-010210 |
V2R11 |
The Oracle Linux operating system must be configured to use the shadow file to store only encrypted representations of passwords. |
|
| OL07-00-010220 |
V2R11 |
The Oracle Linux operating system must be configured so that user and group account administration utilities are configured to store only encrypted representations of passwords. |
|
| OL07-00-010199 |
V2R11 |
The Oracle Linux operating system must be configured to prevent overwriting of custom authentication configuration settings by the authconfig utility. |
|