V-71947 Does not Consider Authentication Other Than Passwords

[Bialogs]

The check text for V-71947 states that "If passwords are not being used for authentication, this is Not Applicable." This check does not perform a check to see if passwords are being used for authentication.

This test could either check the system to confirm that password authentication is enabled and continue, or create a new attribute similar to smart_card_status which will reduce the impact if disabled.

[trevor-vaughan]

Honestly, I have no idea how to do this effectively across all of the PAM subsystems considering all the ways that passwords can be hooked in and how easy it is to simply jump parts of the stack.

I guess that you could try logging in as the user and see if there is a password prompt but that's still not really authoritative for all potential methods.