Skip to main content
CUI

STIG Rule - V-203629

Back to STIG Browser

V-203629

SV-203629r982199_rule

CAT I

The operating system must store only encrypted representations of passwords.

From: General Purpose Operating System Security Requirements Guide (V3R3)

Description

<VulnDiscussion>Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

Check Procedure

Verify the operating system stores only encrypted representations of passwords. If it does not, this is a finding.

Fix Text

Configure the operating system to store only encrypted representations of passwords.

CCI Reference

CCI-004062
Created
2026-04-07 20:08:16
Last Updated
2026-04-07 20:08:16
Back to Browse
CUI