000030548 - A minimum length of 8 characters is not enforced in the password policy in RSA Security Analytics

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000030548
Applies ToRSA Product Set: Security Analytics
RSA Product/Service Type: Security Analytics Server, Security Analytics UI
RSA Version/Condition: 10.5
Platform: CentOS
O/S Version: EL6
IssueDespite changes in the password policy, the database enforces a minimum password length of 8 characters.   
To see this issue, navigate to Administration -> Security -> Settings in the Security Analytics UI and change the policy to something less than 8 characters.  
While the policy is not enforced, an exception is written to the /var/lib/netwitness/uax/logs/sa.log file regarding the issue.

The issue does not occur when a password policy is not in place.
ResolutionThis issue has been permanently resolved in Security Analytics
WorkaroundUse a password policy of 8 or more characters.