UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The mobile operating system maximum number of consecutive unsuccessful unlock attempts must be configurable within a range from 5 to 10.


Overview

Finding ID Version Rule ID IA Controls Severity
V-33235 SRG-OS-000227-MOS-000116 SV-43653r1_rule Medium
Description
The recommended setting for the maximum number of consecutive unsuccessful unlock attempts is 10. In some environments, a lower number may be needed to provide greater protection of sensitive information. Allowing for configuration enables the local command to enforce greater protection when it is deemed necessary. If the limit is not configurable, then it is permissible for a site to procure and deploy devices that enforce the limit specified by the organization, so long as that limit does not exceed 10.
STIG Date
Mobile Operating System Security Requirements Guide 2012-10-01

Details

Check Text ( C-41531r1_chk )
Review system documentation and operating system configuration to determine if the maximum number of consecutive unsuccessful unlock attempts is configurable within a range from 3 to 10. If this operating system parameter is not configurable, check that the operating system nonetheless supports the limit specified by the organization, which is an acceptable alternative. If the limit is not configurable and is not compliant with the organization defined limit or the limit exceeds 10, this is a finding.
Fix Text (F-37165r1_fix)
Configure the mobile operating system maximum number of consecutive unsuccessful unlock attempts to be between 5 and 10.