Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The device minimum password/passcode length must be set as required.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-25016 | WIR-MOS-PDA-011 | SV-32705r2_rule | ECWN-1 IAIA-1 | Medium |
| Description |
|---|
| If the length of the passcode is less than the required length, brute force password attacks will take less time than they would otherwise. Successful attacks will compromise authentication credentials and potentially compromise other sensitive DoD information. |
| STIG | Date |
|---|---|
| PDA/Smartphone Security Technical Implementation Guide | 2011-10-07 |
Details
| Check Text ( C-32926r1_chk ) |
|---|
| Detailed Policy Requirements: PDAs and smartphones must be protected by authenticated login procedures to unlock the device. The device password is set to eight or more characters. Check Procedures: Check a sample (3-4 devices) on site PDAs and verify unlock password is set to 8 or more characters. |
| Fix Text (F-27687r2_fix) |
|---|
| Set the smartphone minimum password/passcode length as required. |