BlackBerry 10 OS must enforce a minimum length for the work area password.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| BB10-00-000210 | BB10-00-000210 | BB10-00-000210_rule | Medium |
| Description |
|---|
| Password complexity, or strength, is a measure of the effectiveness of a password in resisting guessing and brute force attacks. The ability to crack a password is a function of how many attempts are made to crack the password, how quickly the adversary can make each attempt, and the size of the password space. The longer the minimum length of the password is, the larger the password space. |
| STIG | Date |
|---|---|
| BlackBerry 10 OS STIG | 2013-05-03 |
Details
| Check Text ( C-BB10-00-000210_chk ) |
|---|
| Navigate to "Settings -> BlackBerry Balance" and select "Change Password". Authenticate using the current password. Select "Password Rules" and verify the dialog states: "Password must be at least 8 characters long". Otherwise, this is a finding. |
| Fix Text (F-BB10-00-000210_fix) |
|---|
| On BlackBerry Device Service, set "Minimum Password Length" IT Policy rule to 8. |