Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-47215 | BB10-2X-000350 | SV-60087r2_rule | Medium |
Description |
---|
The recommended setting for the maximum number of consecutive unsuccessful unlock attempts is 10. In some environments, a lower number may be needed to provide greater protection of sensitive information. Allowing for configuration enables the local command to enforce greater protection when it is deemed necessary. If the limit is not configurable, then it is permissible for a site to procure and deploy devices that enforce the limit specified by the organization, so long as that limit does not exceed 10. |
STIG | Date |
---|---|
BlackBerry 10.2.x OS Security Technical Implementation Guide | 2015-07-02 |
Check Text ( C-50041r3_chk ) |
---|
From either the Work Space or Personal Space, navigate to "Settings >> BlackBerry Balance”. Under "Work Password", ensure the maximum value in the "Password attempt limit" drop down box is less than 10, otherwise, this is a finding. |
Fix Text (F-50919r2_fix) |
---|
On BlackBerry Device Service, set the IT Policy rule "Maximum Password Attempts" to be less than 10. |