Skip to main content
CUI

STIG Rule - V-203630

Back to STIG Browser

V-203630

SV-203630r987796_rule

CAT I

The operating system must transmit only encrypted representations of passwords.

From: General Purpose Operating System Security Requirements Guide (V3R3)

Description

<VulnDiscussion>Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

Check Procedure

Verify the operating system transmits only encrypted representations of passwords. If it does not, this is a finding.

Fix Text

Configure the operating system to transmit only encrypted representations of passwords.

CCI Reference

CCI-000197
Created
2026-04-07 20:08:16
Last Updated
2026-04-07 20:08:16
Back to Browse
CUI