v1.0 for Steampipe, Powerpipe, Flowpipe, 116 plugins, and 44 mods →
Powerpipe Hub 
Hub
Mods
turbot/ibm_compliance
Overview
1Dashboards
67Controls
20Queries
0Variables
GitHub

Control: 1.6 Ensure compliance with IBM Cloud password requirements

Description

A strong password is a very important step towards account security and safety. Passwords should never be shared with anyone, and must follow the strong password requirements as follows -

  • Password must contain at least one uppercase letter
  • Password must contain at least one lowercase letter
  • Password must contain at least one number
  • Password must contain at least 8 characters
  • Passwords should not be reused
  • Password must only contain ASCII characters
  • Password cannot contain spaces, or any of the special characters
  • Ensure the usage of a password meter which coaches user to create a stronger password than the minimum

Remediation

IBM Cloud automatically prevents the usage of any passwords that do not meet password requirements, when the users are created in IBMid system. When enterprises integrate through enterprise federation (using SAML), then enterprise identity system is responsible for enforcing password strength.

Usage

Run the control in your terminal:

powerpipe control run ibm_compliance.control.cis_v100_1_6

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run ibm_compliance.control.cis_v100_1_6 --share

SQL

This control uses a named query:

manual_control

Tags

category = Compliance
cis = true
cis_item_id = 1.6
cis_level = 1
cis_section_id = 1
cis_type = manual
cis_version = v1.0.0
plugin = ibm
service = IBM/IAM