Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-29437 | OSX00036 M6 | SV-38603r1_rule | IAIA-1 | Medium |
Description |
---|
Configure the local system to verify newly created passwords conform to DoD password complexity policy. Passwords must contain 1 character from the following 4 classes: English uppercase letters, English lowercase letters, Westernized Arabic numerals, and non-alphanumeric characters. Sites are responsible for installing password complexity software complying with the current DoD requirements. |
STIG | Date |
---|---|
MAC OSX 10.6 Workstation Security Technical Implementation Guide | 2012-01-30 |
Check Text ( C-37774r1_chk ) |
---|
Open a terminal session and run the following command. pwpolicy -n -getglobalpolicy | tr " " "\n" | grep requiresAlpha If the value of requiresAlpha is not set to 1, this is a finding. NOTE: If the command returns a response of: password server is not configured, the system is not managed. Add the path /Local/Default to the above command, an example would be: pwpolicy -n /Local/Default -getglobalpolicy | tr " " "\n" | grep requiresAlpha |
Fix Text (F-33021r1_fix) |
---|
Open a terminal session and run the following command. sudo pwpolicy -n -setglobalpolicy "requiresAlpha=1" For non managed systems the path /Local/Default would need to be added to the command, an example would be: sudo pwpolicy -n /Local/Default -setglobalpolicy "requiresAlpha=1" |