BlackBerry devices must be protected by authenticated login procedures to unlock the device. Either CAC or Password authentication is required. The device password must not contain more than two sequential characters or more than two repeating characters.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-37372 | WIR1400-12 | SV-49134r3_rule | ECSC-1 IAIA-1 | Medium |
| Description |
|---|
| Authenticated device unlock is a key security control for the BlackBerry system to restrict access to DoD data by unauthorized individuals. If the password complexity is not compliant, it may be possible for a hacker to guess the password. |
| STIG | Date |
|---|---|
| BlackBerry Enterprise Server (version 5.x), Part 3 Security Technical Implementation Guide | 2015-07-02 |
Details
| Check Text ( C-45620r4_chk ) |
|---|
| This requirement can only be met via User Based Enforcement (UBE) at this time. Consult with the user to ensure there are no more than two sequential characters (for example, abc) or no more than two repeating characters (for example, 222) in the password. If the device password contains more than two sequential characters or more than two repeating characters, this is a finding. |
| Fix Text (F-42297r3_fix) |
|---|
| Configure the device password so that there are no more than two sequential characters or no more than two repeating characters. |