Aqua CSPM

Minimum Password Length

Quick Info

Plugin TitleMinimum Password Length
CloudORACLE
CategoryIdentity
DescriptionEnsures password policy requires a minimum password length.
More InfoA strong password policy enforces minimum length, expiration, reuse, and symbol usage.
ORACLE Linkhttps://docs.cloud.oracle.com/iaas/Content/Identity/Tasks/managingpasswordrules.htm
Recommended ActionUpdate the password policy to require a minimum password length.

Detailed Remediation Steps

  1. Log in to the Oracle Cloud Platform Console.
  2. Scroll down the left navigation panel and choose the “Identity” under the “Governance and Administration.”
  3. On the Identity menu, select the “Authentication” settings option.
  4. On the “Authentication Settings” page, click on the “Edit” button to check “Minimum Password Length” is required or not.
  5. On the “Edit Authentication Settings” page, make sure “Minimum Password Length” is set above 8 characters as per the best practices of Oracle cloud.
  6. Repeat steps number 2 - 5 to check other Oracle cloud accounts.
  7. Navigate to “Identity” under the “Governance and Administration” and select the “Authentication” settings to set the “Minimum Password Length”.
  8. Click on the “Edit” button to open the “Authentication” settings.
  9. On the “Edit Authentication Settings” page, enter the “Minimum Password Length” as 9 characters and click on the “Save” button to make the changes.
  10. Repeat steps number 7 - 9 to update the password policy to require a minimum password length.