Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-33002 | SRG-OS-000075-NA | SV-43400r1_rule | Medium |
Description |
---|
Passwords need to be changed at specific policy based intervals, however if the information system or application allows the user to immediately and continually change their password then the password could be repeatedly changed in a short period of time defeating the organization's policy regarding password reuse. Rationale for non-applicability: Risk environment for mobility does not require minimum password age in the field. |
STIG | Date |
---|---|
Mobile Operating System Security Requirements Guide | 2013-07-03 |
Check Text ( C-41299r1_chk ) |
---|
This requirement is NA for the Mobile OS SRG. |
Fix Text (F-36914r1_fix) |
---|
The requirement is NA. No fix is required. |