STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to IBM AIX 7.x Security Technical Implementation Guide

V-215197

CAT I (High)

AIX must not have accounts configured with blank or null passwords.

Rule ID

SV-215197r991591_rule

STIG

IBM AIX 7.x Security Technical Implementation Guide

Version

V3R2

CCIs

CCI-000366

Discussion

If an account is configured for password authentication but does not have an assigned password, it may be possible to log into the account without authentication. If the root user is configured without a password, the entire system may be compromised. For user accounts not using password authentication, the account must be configured with a password lock value instead of a blank or null value.

Check Content

Verify no interactive accounts have blank passwords by running the following command: 
# pwdck -n ALL 

If any interactive account with a blank password is found, this is a finding.

Fix Text

Configure a password for any interactive account with a blank password by running the following command:
# passwd [user_name]