| ALMA-09-037200 |
V1R1 |
AlmaLinux OS 9 PAM must be configured to use a sufficient number of password hashing rounds. |
|
| ALMA-09-037310 |
V1R1 |
AlmaLinux OS 9 must be configured so that libuser is configured to store only encrypted representations of passwords. |
|
| ALMA-09-037420 |
V1R1 |
AlmaLinux OS 9 must be configured so that the system's shadow file is configured to store only encrypted representations of passwords. |
|
| ALMA-09-037530 |
V1R1 |
AlmaLinux OS 9 must be configured so that the Pluggable Authentication Module is configured to store only encrypted representations of passwords. |
|
| ALMA-09-037640 |
V1R1 |
AlmaLinux OS 9 must be configured so that interactive user account passwords are using strong password hashes. |
|
| OL07-00-010200 |
V3R1 |
The Oracle Linux operating system must be configured so that the PAM system service is configured to store only encrypted representations of passwords. |
|
| OL07-00-010210 |
V3R1 |
The Oracle Linux operating system must be configured to use the shadow file to store only encrypted representations of passwords. |
|
| OL07-00-010220 |
V3R1 |
The Oracle Linux operating system must be configured so that user and group account administration utilities are configured to store only encrypted representations of passwords. |
|
| OL07-00-010199 |
V3R1 |
The Oracle Linux operating system must be configured to prevent overwriting of custom authentication configuration settings by the authconfig utility. |
|
| OL08-00-010110 |
V2R3 |
OL 8 must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm. |
|
| OL08-00-010120 |
V2R3 |
OL 8 must employ FIPS 140-2 approved cryptographic hashing algorithms for all stored passwords. |
|
| OL08-00-010130 |
V2R3 |
The OL 8 shadow password suite must be configured to use a sufficient number of hashing rounds. |
|
| RHEL-07-010200 |
V3R9 |
The Red Hat Enterprise Linux operating system must be configured so that the PAM system service is configured to store only encrypted representations of passwords. |
|
| RHEL-07-010210 |
V3R9 |
The Red Hat Enterprise Linux operating system must be configured to use the shadow file to store only encrypted representations of passwords. |
|
| RHEL-07-010220 |
V3R9 |
The Red Hat Enterprise Linux operating system must be configured so that user and group account administration utilities are configured to store only encrypted representations of passwords. |
|
| RHEL-08-010110 |
V2R2 |
RHEL 8 must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm. |
|
| RHEL-08-010120 |
V2R2 |
RHEL 8 must employ FIPS 140-2 approved cryptographic hashing algorithms for all stored passwords. |
|
| RHEL-08-010130 |
V2R2 |
The RHEL 8 shadow password suite must be configured to use a sufficient number of hashing rounds. |
|
| RHEL-09-611050 |
V2R3 |
RHEL 9 password-auth must be configured to use a sufficient number of hashing rounds. |
|
| RHEL-09-611055 |
V2R3 |
RHEL 9 system-auth must be configured to use a sufficient number of hashing rounds. |
|
| RHEL-09-611135 |
V2R3 |
RHEL 9 must be configured so that user and group account administration utilities are configured to store only encrypted representations of passwords. |
|
| RHEL-09-611140 |
V2R3 |
RHEL 9 must be configured to use the shadow file to store only encrypted representations of passwords. |
|
| RHEL-09-671015 |
V2R3 |
RHEL 9 must employ FIPS 140-3 approved cryptographic hashing algorithms for all stored passwords. |
|
| RHEL-09-671025 |
V2R3 |
RHEL 9 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-3 approved cryptographic hashing algorithm for system authentication. |
|
| SLES-12-010220 |
V3R2 |
The SUSE operating system must employ FIPS 140-2-approved cryptographic hashing algorithms for all stored passwords. |
|
| SLES-12-010230 |
V3R2 |
The SUSE operating system must configure the Linux Pluggable Authentication Modules (PAM) to only store encrypted representations of passwords. |
|
| SLES-12-010240 |
V3R2 |
The SUSE operating system must employ FIPS 140-3 approved cryptographic hashing algorithms for all stored passwords. |
|
| SLES-15-020170 |
V2R3 |
The SUSE operating system must configure the Linux Pluggable Authentication Modules (PAM) to only store encrypted representations of passwords. |
|
| SLES-15-020180 |
V2R3 |
The SUSE operating system must employ FIPS 140-2-approved cryptographic hashing algorithms for all stored passwords. |
|
| SLES-15-020190 |
V2R3 |
The SUSE operating system must employ FIPS 140-3 approved cryptographic hashing algorithms for all stored passwords. |
|
| UBTU-18-010104 |
V2R15 |
The Ubuntu operating system must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm. |
|
| UBTU-22-611055 |
V2R3 |
Ubuntu 22.04 LTS must store only encrypted representations of passwords. |
|
| WN10-AC-000045 |
V3R3 |
Reversible password encryption must be disabled. |
|
| WN10-SO-000195 |
V3R3 |
The system must be configured to prevent the storage of the LAN Manager hash of passwords. |
|
| WN11-AC-000045 |
V2R2 |
Reversible password encryption must be disabled. |
|
| WN11-SO-000195 |
V2R2 |
The system must be configured to prevent the storage of the LAN Manager hash of passwords. |
|
| WN16-AC-000090 |
V2R9 |
Windows Server 2016 reversible password encryption must be disabled. |
|
| WN16-SO-000360 |
V2R9 |
Windows Server 2016 must be configured to prevent the storage of the LAN Manager hash of passwords. |
|
| WN19-AC-000090 |
V3R3 |
Windows Server 2019 reversible password encryption must be disabled. |
|
| WN19-SO-000300 |
V3R3 |
Windows Server 2019 must be configured to prevent the storage of the LAN Manager hash of passwords. |
|
| WN22-AC-000090 |
V2R3 |
Windows Server 2022 reversible password encryption must be disabled. |
|
| WN22-SO-000300 |
V2R3 |
Windows Server 2022 must be configured to prevent the storage of the LAN Manager hash of passwords. |
|