Implement rule 5.3.3.2.5 Ensure password maximum sequential character…

…s is configured

components/pam.yml

@@ -51,6 +51,7 @@ rules:
 - accounts_password_pam_lcredit
 - accounts_password_pam_maxclassrepeat
 - accounts_password_pam_maxrepeat
+- accounts_password_pam_maxsequence
 - accounts_password_pam_minclass
 - accounts_password_pam_minlen
 - accounts_password_pam_ocredit

linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxsequence/rule.yml

@@ -0,0 +1,31 @@
+documentation_complete: true
+
+
+title: 'Ensure password maximum sequential characters is configured'
+
+description: |-
+    The <tt>pwquality maxsequence</tt> option sets the maximum length of monotonic character
+    sequences in the new password. Examples of such sequence are 12345 or fedcb. The
+    check is disabled if the value is 0.
+
+    Note: Most such passwords will not pass the simplicity check unless the sequence is
+    only a minor part of the password.
+
+rationale: |-
+    Use of a complex password helps to increase the time and resources required to
+    compromise the password. Password complexity, or strength, is a measure of the
+    effectiveness of a password in resisting attempts at guessing and brute-force attacks.
+    <br /><br />
+    Password complexity is one factor of several that determines how long it takes to crack
+    a password. The more complex the password, the greater the number of possible
+    combinations that need to be tested before the password is compromised.
+
+severity: medium
+
+platform: package[pam]
+
+template:
+    name: accounts_password
+    vars:
+        variable: maxsequence
+        operation: less than or equal