Updating openssl due to security scan
Severity column represents the severity of the PMR at the time the APAR was opened.
Red Hat Enterprise Linux 7 offers several ways for hardening the desktop against attacks and preventing unauthorized access.
This sort of brute-force attack is much slower and leaves an obvious trail as hundreds of failed login attempts are written to system files.
Of course, if the cracker starts an attack in the middle of the night on a system with weak passwords, the cracker may have gained access before dawn and edited the log files to cover his tracks.
This section describes recommended practices for user passwords, session and account locking, and safe handling of removable media.
Passwords are the primary method that Red Hat Enterprise Linux 7 uses to verify a user's identity.
For situations when the attacker might obtain direct access to the password hash or the password is used as an encryption key, 80 to 128 bits should be used.
Password aging means that after a specified period (usually 90 days), the user is prompted to create a new password.
The higher the entropy value, the more secure the password is.
According to NIST SP 800-63-1, passwords that are not present in a dictionary comprised of 50000 commonly selected passwords should have at least 10 bits of entropy.
They can create passwords for the user, or they can let users create their own passwords while verifying the passwords are of adequate strength.
Creating the passwords for the users ensures that the passwords are good, but it becomes a daunting task as the organization grows.