← Rules Catalog
mediumaccess-controlverified rollback-safe

Require uppercase character in password

pam-pwquality-ucredit · RHEL ≥ 8, UBUNTU ≥ 22 · 1 impl

Description

The ucredit parameter in /etc/security/pwquality.conf controls the credit given for having uppercase characters in the password. A negative value requires at least that many uppercase characters.

Rationale

Requiring uppercase characters increases password complexity and makes passwords more resistant to dictionary attacks.

Check → Remediate

Checkconfig_value
path:
/etc/security/pwquality.conf
key:
ucredit
expected:
-1
comparator:
<=
Remediateconfig_set
path:
/etc/security/pwquality.conf
key:
ucredit
value:
-1
separator:
=

Framework references

CIS

rhel8 5.3.3.2.3rhel10 5.3.2.2.3ubuntu24 5.4.1.3ubuntu22 5.4.1.3rhel9 5.3.3.2.3

STIG

V-258111 / RHEL-09-611110V-230357V-270726 / UBTU-24-400260V-260560 / UBTU-22-611010V-281184 / RHEL-10-600250

NIST 800-53

IA-5(1)(a)

Live verification

rhel10:checkrhel8:checkrhel9:checkubuntu22:checkubuntu24:checkubuntu26:check
#pam#password#authentication#pwquality