Policy Compliance: Password Auditing

File uploaded by Robert Dell'Immagine Employee on Nov 19, 2010Last modified by Robert Dell'Immagine Employee on Jan 7, 2013
Version 3Show Document
  • View in full screen mode

QualysGuard 6.15 Update introduces Password Auditing for policy compliance users. Password auditing is supported on Windows and Unix systems.

With password auditing the scanning engine is able to gather data about user accounts/passwords on target hosts in order to evaluate service-provided password auditing controls. The service provides password auditing controls for identifying 1) user accounts with empty passwords, 2) user accounts with the password equal to the user name, and 3) user accounts with passwords equal to an entry in a user-defined password dictionary.


This document describes step-by-step instructions for using the Password Auditing feature.


Update: Document updated January 4, 2013 with new screenshots and minor revisions.