UCF STIG Viewer Logo

The device minimum password/passcode length must be set.


Overview

Finding ID Version Rule ID IA Controls Severity
V-25016 WIR-MOS-NS-011 SV-40113r2_rule ECWN-1 IAIA-1 Low
Description
Sensitive DoD data could be compromised if a device unlock password/passcode is not set to required length on DoD smartphones.
STIG Date
BlackBerry Playbook OS (NEA mode) Security Technical Implementation Guide (STIG) 2012-09-21

Details

Check Text ( C-39061r1_chk )
This check applies to any mobile OS device (smartphones, tablets, etc.).

Check a sample of 2-3 devices managed by the site to verify the device unlock password/passcode has been set to 8 or more alphanumeric characters. The exact procedure will vary, depending on the mobile OS.

Have the user show that a device unlock password/passcode has been set to 8 or more alphanumeric characters.

Mark as a finding if configuration is not set as required.
Fix Text (F-27687r1_fix)
Set the smartphone minimum password/passcode length as required.