Complex passwords must contain Alphabetic Character.


Overview

Finding ID: V-29437
Version: OSX00036 M6
Rule ID: SV-38603r1_rule
IA Controls: IAIA-1
Severity: Medium
Description
Configure the local system to verify newly created passwords conform to DoD password complexity policy. Passwords must contain 1 character from the following 4 classes: English uppercase letters, English lowercase letters, Westernized Arabic numerals, and non-alphanumeric characters. Sites are responsible for installing password complexity software complying with the current DoD requirements.
STIG: MAC OSX 10.6 Workstation Security Technical Implementation Guide
Date: 2013-04-09

Details

Check Text (C-37774r1_chk)
Open a terminal session and run the following command.

pwpolicy -n -getglobalpolicy | tr " " "\n" | grep requiresAlpha

If the value of requiresAlpha is not set to 1, this is a finding.

NOTE: If the command returns the response "password server is not configured", the system is not managed. Add the path /Local/Default to the above command, for example: pwpolicy -n /Local/Default -getglobalpolicy | tr " " "\n" | grep requiresAlpha
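
The following is an added example, not part of the STIG text: it applies the pass/fail rule above to pwpolicy output by matching the requiresAlpha key exactly, and retries with /Local/Default when the system is not managed, as the NOTE describes. The function names, return codes and sample policy strings are constructed for illustration.

```shell
#!/bin/sh
# Added example: evaluate pwpolicy global-policy output for requiresAlpha.
# Function names and return codes are this example's own convention.

# Reads policy text on stdin; prints a verdict and returns:
#   0 = requiresAlpha=1 (not a finding)
#   1 = requiresAlpha missing or not 1 (finding)
#   2 = "password server is not configured" (retry with /Local/Default)
eval_requires_alpha() {
    policy=$(cat)
    case "$policy" in
        *"password server is not configured"*)
            echo "UNMANAGED"; return 2 ;;
    esac
    # Split on whitespace and match the key exactly, so a key that merely
    # contains the string "requiresAlpha" cannot satisfy the check.
    value=$(printf '%s\n' "$policy" | tr ' \t' '\n\n' |
            awk -F= '$1 == "requiresAlpha" { v = $2 } END { print v }')
    if [ "$value" = "1" ]; then
        echo "PASS"; return 0
    fi
    echo "FINDING (requiresAlpha=${value:-unset})"; return 1
}

# Runs the STIG check command, falling back to /Local/Default as the NOTE
# describes. Only meaningful on a Mac OS X host that has pwpolicy.
audit_requires_alpha() {
    out=$(pwpolicy -n -getglobalpolicy 2>&1)
    result=$(printf '%s\n' "$out" | eval_requires_alpha) && rc=0 || rc=$?
    if [ "$rc" -eq 2 ]; then
        out=$(pwpolicy -n /Local/Default -getglobalpolicy 2>&1)
        result=$(printf '%s\n' "$out" | eval_requires_alpha) && rc=0 || rc=$?
    fi
    echo "$result"
    return "$rc"
}

# Constructed sample outputs (not captured from a real system).
SAMPLE_OK='usingHistory=0 requiresAlpha=1 requiresNumeric=1 minChars=14'
SAMPLE_BAD='usingHistory=0 requiresAlpha=0 requiresNumeric=1 minChars=14'
SAMPLE_MISSING='usingHistory=0 requiresNumeric=1 minChars=14'
SAMPLE_UNMANAGED='password server is not configured'
```

On the target host, call audit_requires_alpha and treat any non-zero return as needing attention.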
Fix Text (F-33021r1_fix)
Open a terminal session and run the following command.

sudo pwpolicy -n -setglobalpolicy "requiresAlpha=1"

For non-managed systems, add the path /Local/Default to the command, for example: sudo pwpolicy -n /Local/Default -setglobalpolicy "requiresAlpha=1"