A password must be required to wake a computer from sleep or screen saver.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-25328 | OSX00420 M6 | SV-38560r1_rule | PESL-1 | Medium |
| Description |
|---|
| Require a password to wake a computer from sleep or screen saver. This helps prevent unauthorized access on unattended computers. Although there is a lock button for Security references, users do not need to be authorized as an administrator to make changes. Enable this password requirement for every user account on the computer. |
| STIG | Date |
|---|---|
| MAC OSX 10.6 Workstation Security Technical Implementation Guide Draft | 2013-01-10 |
Details
| Check Text ( C-37755r1_chk ) |
|---|
| Open a terminal session and enter the following command. defaults -currentHost read com.apple.screensaver askForPassword -int If the action value is not set to "1", this is a finding. |
| Fix Text (F-32998r1_fix) |
|---|
| Open a terminal session and enter the following command. defaults -currentHost write com.apple.screensaver askForPassword -int 1 |