UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The operating system must enforce password complexity by the number of special characters used.


Overview

Finding ID Version Rule ID IA Controls Severity
V-33277 SRG-OS-000266-NA SV-43696r1_rule Medium
Description
Password complexity, or strength, is a measure of the effectiveness of a password in resisting guessing and brute force attacks. Requiring a minimum number of special characters is one way to increase the complexity of the password and make it less likely that it will be compromised. The parameter should be selected based on a risk assessment that weighs factors, such as the environments the device will be located and operational requirements for users to access data in a timely manner. Rationale for non-applicability: Given the inconvenience of entering special characters on some keyboards of mobile devices, a risk assessment determined that it would be acceptable to have device unlock passwords without special characters.
STIG Date
Mobile Operating System Security Requirements Guide 2012-10-01

Details

Check Text ( C-41574r1_chk )
This requirement is NA for the Mobile OS SRG.
Fix Text (F-37207r1_fix)
The requirement is NA. No fix is required.