9.5. Account Policy

To make the host OS more secure, keep the number of accounts on it to a minimum.

The general recommendations for all Linux distributions are:

  • Create a non-privileged account for performing non-privileged tasks in the system.
  • Use sudo for performing privileged tasks.
  • Disable remote root logon; log on remotely as a non-privileged user instead.
  • Disable system user logon.
  • Force periodic password changes.
  • Disable accounts after a number of login failures.
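
The last four recommendations can be checked with a short script. The following is an added example, not part of the original guide: it audits a root directory (for instance a copy of /etc) for system accounts that keep a login shell, remote root logon over SSH, passwords without a maximum age, and a missing lockout module. UID 1000 as the first regular UID, the PAM file etc/pam.d/system-auth and the sample data are assumptions.

```shell
#!/bin/sh
# Added example: audit account-policy settings below a root directory ($1).
# Assumptions: regular users start at UID 1000; the PAM auth stack is in
# etc/pam.d/system-auth (other distributions use a different file name).

system_logins() {   # non-root accounts below UID 1000 that keep a login shell
    awk -F: '$3 > 0 && $3 < 1000 && $7 !~ /(nologin|false)$/ {print $1}' "$1/etc/passwd"
}
root_ssh() {        # first PermitRootLogin wins (Include/Match are not followed)
    v=$(awk 'tolower($1) == "permitrootlogin" {print tolower($2); exit}' "$1/etc/ssh/sshd_config")
    echo "${v:-prohibit-password}"   # OpenSSH default when the option is unset
}
no_expiry() {       # usable password hash but no maximum age (shadow field 5)
    awk -F: '$2 !~ /^[!*]/ && ($5 == "" || $5 >= 99999) {print $1}' "$1/etc/shadow"
}
has_lockout() {     # a failure-counting PAM module is referenced in the stack
    grep -Eq '^[^#]*pam_(faillock|tally2)\.so' "$1/etc/pam.d/system-auth"
}
audit() {           # one FAIL line per finding; no output means all checks pass
    for u in $(system_logins "$1"); do echo "FAIL system account can log on: $u"; done
    [ "$(root_ssh "$1")" = no ] || echo "FAIL PermitRootLogin is $(root_ssh "$1")"
    for u in $(no_expiry "$1"); do echo "FAIL password never expires: $u"; done
    has_lockout "$1" || echo "FAIL no lockout after login failures"
}

make_sample() {     # constructed sample data, not taken from a real host
    d=$(mktemp -d) && mkdir -p "$d/etc/ssh" "$d/etc/pam.d"
    printf '%s\n' 'root:x:0:0::/root:/bin/bash' 'daemon:x:1:1::/:/usr/sbin/nologin' \
        'backup:x:34:34::/var/backups:/bin/sh' \
        'alice:x:1000:1000::/home/alice:/bin/bash' > "$d/etc/passwd"
    printf '%s\n' 'root:!:19000:0:99999:7:::' 'backup:*:19000:0:99999:7:::' \
        'alice:$6$constructed$hash:19000:0:99999:7:::' > "$d/etc/shadow"
    printf '%s\n' '#PermitRootLogin no' 'PermitRootLogin yes' > "$d/etc/ssh/sshd_config"
    printf '%s\n' 'auth required pam_unix.so' > "$d/etc/pam.d/system-auth"
    echo "$d"
}

s=$(make_sample); audit "$s"; rm -rf "$s"
```

On the constructed sample this reports four findings: the backup account with /bin/sh, PermitRootLogin yes, alice's non-expiring password, and the absent lockout module. Run `audit /` as root to check a live host, since /etc/shadow is not world-readable.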