Security FAQ

The OS keeps rejecting my password. What do I need to do?

The password selection criteria is defined by DISA and is subject to change. See the DISA Security Checklist. Specifically, download the most recent "Red Hat STIG Benchmark and Manual Version X, Release Y".

For a complete list and details refer to the reports provided as part of the ASTi IA Package or IA Maintenance program deliverable(s).

The following User Account Control requirements apply to ASTi Security Software Versions 1.7-1 and after:

  1. Three Failed Login Attempts - After 3 failed attempts to login, you are permanently logged out.
  2. Inactivity Timeout - You are automatically logged out after 15 minutes of inactivity.
  3. Password Change 24 Hours - A user cannot change the password more than once every 24 hours.
  4. Password Length - Shall be 14 characters or more.
  5. Password Character Mix - At a minimum a user must have 1 Upper Case, 1 Lower Case, 1 Number and 1 Special Characters (#$%ˆ&).
  6. Password Contents - No names, telephone numbers, account names, dictionary words, etc.
  7. Password Change Every 60 Days - Password must be changed every 60 days.
  8. Inactive Accounts are locked - After 35 days of no login the account will be locked.
  9. Easily Guessed Passwords - Easily guessed passwords cannot be used.
  10. Password Reuse - Cannot reuse any of the previous 5 password entries.

Passwords that include any of the following will be rejected:

  1. Password is a palindrome.
  2. Password is the same or too similar to one of the 5 previous passwords (not enough different characters).
  3. Password is one of the 5 previous passwords but rotated.
  4. Password is too simple (doesn't contain enough different characters or contains a sequence of characters).
  5. Password is too simple (i.e. doesn't contain enough different character types - lower case, upper case, numeric, and special characters).
  6. Password is based upon username or modified version of username (username rotated, backwards, or spelled in hacker "leet" speak.
  7. Password contains a sequence of keys which appear next to each other on the keyboard.
  8. Password is all whitespace.
  9. Password contains a word which appears in dictionary either forwards or backwards.
  10. Password contains a word spelled in hacker "leet" speak which appears in dictionary either forwards or backwards.

The following User Account Control requirements apply to ASTi Security Software Versions 1.6-1 and prior:

  1. Three Failed Login Attempts - After 3 failed attempts to login, you are permanently logged out.
  2. Inactivity Timeout - You are automatically logged out after 15 minutes of inactivity.
  3. Password Change 24 Hours - A user cannot change the password more than once every 24 hours.
  4. Password Length - Shall be 14 characters or more.
  5. Password Character Mix - At a minimum a user must have 2 Upper Case, 2 Lower Case, 2 Number and 2 Special Character (#$%ˆ&).
  6. Password Contents - No names, telephone numbers, account names, dictionary words, etc.
  7. Password Change Every 60 Days - Password must be changed every 60 days
  8. Inactive Accounts are locked - After 35 days of no login the account will be locked.
  9. Easily Guessed Passwords - Easily guessed passwords cannot be used
  10. Password Reuse - Cannot reuse any of the previous 5 password entries