UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Complex passwords must contain a Symbolic Character.


Overview

Finding ID Version Rule ID IA Controls Severity
V-29439 OSX00038 M6 SV-38607r1_rule IAIA-1 Medium
Description
Configure the local system to verify newly created passwords conform to the DoD password complexity policy. Passwords must contain 1 character from the following 4 classes: English uppercase letters, English lowercase letters, Westernized Arabic numerals, and non-alphanumeric characters. Sites are responsible for installing password complexity software that complies with current DoD requirements.
STIG Date
MAC OSX 10.6 Workstation Security Technical Implementation Guide 2012-01-30

Details

Check Text ( C-37776r1_chk )
Open a terminal session and run the following command.

pwpolicy -n -getglobalpolicy | tr " " "\n" | grep requiresSymbol

If the value of requireSymbol is not set to 1, this is a finding.

NOTE: If the command returns a response of password server is not configured, the system is not managed. Add the path /Local/Default to the above commands, an example would be: pwpolicy -n /Local/Default -getglobalpolicy | tr " " "\n" | grep requiresSymbol
Fix Text (F-33023r1_fix)
Open a terminal session and run the following command.

sudo pwpolicy -n -setglobalpolicy "requiresSymbol=1"

For non managed systems the path /Local/Default would need to be added to the command, an example would be: sudo pwpolicy -n /Local/Default -setglobalpolicy "requiresSymbol=1"