Password = username (UNIX)

Module: Password Strength

This check examines each password and reports when the username and password match. The check is not as thorough as "Password = any username" and is provided for systems with a large number of user accounts. If the "Password = any username" takes too long or is too CPU intensive, you can use "Password = username" on a daily basis and the "Password = any username" on weekends.

The following table lists the error messages for the check.

Table: Error messages for Password = username

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information

String ID: STKU_GUESSPASS

Category: ESM Error

UNIX (5330)

Title: Guessed user password

Description:Symantec ESM guessed the passwords of the accounts listed below. This is a security problem because an intruder can also guess these passwords while trying to break into your system. You should immediately assign more secure passwords to these accounts. Then instruct each user to login, using the more secure password, and change the password again. A secure password should have six to eight characters, should not be found in any dictionary, and should have at least one non-alphabetic character. A secure password should also not match an account or host name.

Severity: red-4

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_UNKNOWN_PAM_MODULE

Category: ESM Error

UNIX (5368)

Title: Unknown PAM authentication module

Description:ESM does not recognize any of the modules currently configured for authentication. Default Solaris hash types will be used for password cracking.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: []