UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Complex passwords must contain Alphabetic Character.


Overview

Finding ID Version Rule ID IA Controls Severity
V-29437 OSX00036 M6 SV-38603r1_rule IAIA-1 Medium
Description
Configure the local system to verify newly created passwords conform to DoD password complexity policy. Passwords must contain 1 character from the following 4 classes: English uppercase letters, English lowercase letters, Westernized Arabic numerals, and non-alphanumeric characters. Sites are responsible for installing password complexity software complying with the current DoD requirements.
STIG Date
MAC OSX 10.6 Workstation Security Technical Implementation Guide 2012-01-30

Details

Check Text ( C-37774r1_chk )
Open a terminal session and run the following command.

pwpolicy -n -getglobalpolicy | tr " " "\n" | grep requiresAlpha

If the value of requiresAlpha is not set to 1, this is a finding.

NOTE: If the command returns a response of: password server is not configured, the system is not managed. Add the path /Local/Default to the above command, an example would be: pwpolicy -n /Local/Default -getglobalpolicy | tr " " "\n" | grep requiresAlpha
Fix Text (F-33021r1_fix)
Open a terminal session and run the following command.

sudo pwpolicy -n -setglobalpolicy "requiresAlpha=1"

For non managed systems the path /Local/Default would need to be added to the command, an example would be: sudo pwpolicy -n /Local/Default -setglobalpolicy "requiresAlpha=1"