The operating system must enforce minimum password lifetime restrictions.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-33002	SRG-OS-000075-NA	SV-43400r1_rule		Medium

Description
Passwords need to be changed at specific policy based intervals, however if the information system or application allows the user to immediately and continually change their password then the password could be repeatedly changed in a short period of time defeating the organization's policy regarding password reuse. Rationale for non-applicability: Risk environment for mobility does not require minimum password age in the field.

Description

Passwords need to be changed at specific policy based intervals, however if the information system or application allows the user to immediately and continually change their password then the password could be repeatedly changed in a short period of time defeating the organization's policy regarding password reuse. Rationale for non-applicability: Risk environment for mobility does not require minimum password age in the field.

STIG	Date
Mobile Operating System Security Requirements Guide	2013-07-03

Details

Check Text ( C-41299r1_chk )
This requirement is NA for the Mobile OS SRG.

Fix Text (F-36914r1_fix)
The requirement is NA. No fix is required.