STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Riverbed NetIM NDM Security Technical Implementation Guide

V-275466

CAT III (Low)

The Riverbed NetIM must be configured to require immediate selection of a new password upon account recovery for password-based authentication.

Rule ID

SV-275466r1147448_rule

STIG

Riverbed NetIM NDM Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-004063

Discussion

Specify a temporary password to improve security. A temporary password can be enabled only if Account Control is enabled. If a temporary password is set, then the password set by Admin/Sys Admin for the new user shall expire on the first log in of the new user. A password expired page will appear for new users after the first login.

Check Content

Verify Password Rules is configured to expire temporary passwords.

1. From the GUI, navigate to Configuration >> Configure >> All Settings >> Administer.
2. On the User Management screen, select "Password Rules".
3. View the Maximum age of temporary password in hours.

If the Maximum age of temporary password in hours is not set, this is a finding.

Fix Text

Configure Password Rules to expire temporary passwords.

1. From the GUI, navigate to Configuration >> Configure >> All Settings >> Administer.
2. On the User Management screen, select "Password Rules".
3. Check "Maximum age of temporary password in hours".
4. Enter an organization-defined number in the option box and click "Submit".

Local users must not be created; however, setting these requirements is a best practice.