9.5. Account Policy

It is recommended to minimize the number of accounts in the host OS to make it more secure.

The general recommendations for all Linux distributions are:

  • Create a non-privileged account for performing non-privileged tasks in the system.

  • Use sudo for performing privileged tasks.

  • Disable remote root logon; log on remotely as a non-privileged user instead.

  • Disable system user logon.

  • Force periodic password changes.

  • Disable accounts after a number of login failures.
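
The following shell functions are an added example, not part of the original guide. They check four of the recommendations above against the files that usually hold these settings (passwd, sshd_config, login.defs, faillock.conf). The function names, the UID threshold of 1000, the 90-day limit and the use of pam_faillock for lockout are assumptions; adjust them to the distribution in use.

```shell
#!/bin/sh
# Added example: audit helpers for the recommendations above. Each function
# takes a file path, so it can be run on copies or on the live files.

# Print accounts other than root with a UID below $2 (default 1000, an assumed
# UID_MIN) whose shell is not nologin/false, i.e. system users able to log on.
system_accounts_with_shell() {
    awk -F: -v min="${2:-1000}" \
        '$1 != "root" && $3 < min && $7 !~ /(nologin|false)$/ { print $1 }' "$1"
}

# Succeed only if the first PermitRootLogin line (the one sshd uses) is "no".
# Simplification: Match blocks and Include files are not interpreted.
root_ssh_disabled() {
    awk 'tolower($1) == "permitrootlogin" { v = tolower($2); exit }
         END { exit (v == "no" ? 0 : 1) }' "$1"
}

# Succeed if PASS_MAX_DAYS is set and <= $2 days (default 90, an assumed policy).
# login.defs only affects new accounts; existing ones are changed with chage.
password_max_days_ok() {
    days=$(awk '$1 == "PASS_MAX_DAYS" { v = $2 } END { print v }' "$1")
    [ -n "$days" ] && [ "$days" -le "${2:-90}" ]
}

# Succeed if faillock.conf has an uncommented "deny = N" with N > 0.
lockout_enabled() {
    awk -F'[ \t]*=[ \t]*' '$1 ~ /^[ \t]*deny$/ { v = $2 }
         END { exit (v + 0 > 0 ? 0 : 1) }' "$1"
}

# Constructed sample files (not taken from a real host).
d=$(mktemp -d)
printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
    'daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin' \
    'backup:x:34:34:backup:/var/backups:/bin/sh' \
    'alice:x:1000:1000:Alice:/home/alice:/bin/bash' > "$d/passwd"
printf '%s\n' '#PermitRootLogin prohibit-password' 'PermitRootLogin no' > "$d/sshd_config"
printf '%s\n' 'PASS_MAX_DAYS 99999' > "$d/login.defs"
printf '%s\n' '# deny = 3' 'deny = 5' > "$d/faillock.conf"

echo "system users with a login shell: $(system_accounts_with_shell "$d/passwd")"
root_ssh_disabled "$d/sshd_config" && echo "remote root logon: disabled"
password_max_days_ok "$d/login.defs" || echo "password aging: not enforced"
lockout_enabled "$d/faillock.conf" && echo "lockout after failures: enabled"
```

On the constructed samples this reports the backup account as a system user with a usable shell and flags password aging as not enforced.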