BlackBerry 10 OS must prohibit a user from reusing any of the last five previously used device unlock passwords.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| BB10-00-000200 | BB10-00-000200 | BB10-00-000200_rule | Low |
| Description |
|---|
| Password complexity, or strength, is a measure of the effectiveness of a password in resisting guessing and brute force attacks. Remembering the prior five device unlock passwords enables the operating system to prevent those passwords from being reused, which increases the resistance against password attacks. |
| STIG | Date |
|---|---|
| BlackBerry 10 OS STIG | 2013-05-03 |
Details
| Check Text ( C-BB10-00-000200_chk ) |
|---|
| If the local command determines that there is not a need for password rotation based on the expected operational use of the device, this requirement does not apply. On BlackBerry Device Service: Ensure "Maximum Password History" IT Policy rule is set to 5. Otherwise, this is a finding. |
| Fix Text (F-BB10-00-000200_fix) |
|---|
| On BlackBerry Device Service, set "Maximum Password History" IT Policy rule to 5. |