The mobile operating system must prohibit a user from reusing any of the last five previously used device unlock passwords.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-33004 | SRG-OS-000077-MOS-000051 | SV-43402r1_rule | Low |
| Description |
|---|
| Password complexity, or strength, is a measure of the effectiveness of a password in resisting guessing and brute force attacks. Remembering the prior five device unlock passwords enables the operating system from permitting those passwords to be reused, which increases the resistance against password attacks. |
| STIG | Date |
|---|---|
| Mobile Operating System Security Requirements Guide | 2012-10-01 |
Details
| Check Text ( C-41301r1_chk ) |
|---|
| Review the mobile operating system configuration for prohibiting a user from reusing any of the last five previously used device unlock passwords. If the mobile operating system allows a user from reusing any of the last five previously used device unlock passwords, this is a finding. |
| Fix Text (F-36916r1_fix) |
|---|
| Configure the mobile operating system to prohibit a user from reusing any of the last five previously used device unlock passwords. |