
The Samsung Knox for Android platform must be configured to prohibit more than 10 consecutive failed authentication attempts.


Overview

Finding ID: V-56043
Version: KNOX-34-008900
Rule ID: SV-70297r1_rule
IA Controls: (none listed)
Severity: Low
Description
Users must not be able to override the system policy on the maximum number of consecutive failed authentication attempts because this could allow them to raise the maximum, thus giving adversaries more chances to guess/brute force passwords, which increases the risk of the mobile device being compromised. Therefore, only administrators should have the authority to set consecutive failed authentication attempt policies. SFR ID: FMT_SMF.1.1 #02
STIG: Samsung Android (with Knox 2.x) STIG
Date: 2016-02-25

Details

Check Text (C-56613r1_chk)
This validation procedure is performed only on the MDM Administration Console.

Check whether the appropriate setting is configured on the MDM Administration Console:
1. Ask the MDM administrator to display the "Maximum Failed Attempts" field in the "Android Password Restrictions" rule for the device unlock password.
2. Verify the value of the setting is 10 or fewer. If the console treats 0 or a blank field as "no limit", that is not a passing value.

This setting cannot be viewed or changed on the Samsung Knox for Android device itself; it is pushed to the device by the MDM, so the device is not inspected in this check.

If the "Maximum Failed Attempts" field in the "Android Password Restrictions" rule for the device unlock password is not set to 10 or less, this is a finding.
Fix Text (F-60921r1_fix)
Configure the mobile device to allow no more than 10 consecutive failed authentication attempts.

On the MDM Administration Console, set the "Maximum Failed Attempts" to 10 or less in the "Android Password Restrictions" rule for the device unlock password.
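The console setting above is ultimately applied on the device through the Android device-administration API. The following is an added example, not code from the STIG or from Samsung, showing how an MDM agent running as a device administrator would apply the limit and read back the effective value for a compliance check using the standard Android DevicePolicyManager API (the package name, the agent receiver class and the 1..10 range enforced in apply() are assumptions for illustration). It also handles the edge case that matters for this check: in DevicePolicyManager a limit of 0 means "no limit", so a naive "value <= 10" test would wrongly pass the weakest possible setting.

```java
// Added example (not from the STIG page): applying and verifying the
// KNOX-34-008900 limit with the standard Android device-admin API.
// Package, receiver class and the accepted range are assumptions.
package com.example.mdmagent;

import android.app.admin.DeviceAdminReceiver;
import android.app.admin.DevicePolicyManager;
import android.content.ComponentName;
import android.content.Context;

public final class FailedAttemptPolicy {

    /** STIG ceiling: more than this many consecutive failures is a finding. */
    public static final int STIG_MAX_FAILED_ATTEMPTS = 10;

    /** Hypothetical device-admin receiver of the MDM agent (assumption). */
    public static final class AgentAdminReceiver extends DeviceAdminReceiver { }

    private FailedAttemptPolicy() { }

    private static ComponentName admin(Context ctx) {
        return new ComponentName(ctx, AgentAdminReceiver.class);
    }

    private static DevicePolicyManager dpm(Context ctx) {
        return (DevicePolicyManager) ctx.getSystemService(Context.DEVICE_POLICY_SERVICE);
    }

    /**
     * Pure compliance test on an effective limit. A value of 0 is what
     * DevicePolicyManager reports when no limit is set ("unlimited"), so it
     * is a finding, not a pass; anything above 10 is likewise a finding.
     */
    public static boolean isCompliant(int effectiveMax) {
        return effectiveMax >= 1 && effectiveMax <= STIG_MAX_FAILED_ATTEMPTS;
    }

    /**
     * Apply the limit. Android enforces it by wiping the device once the
     * count is exceeded. Rejects 0 explicitly so a misconfigured console
     * value cannot silently disable the policy.
     */
    public static void apply(Context ctx, int maxFailed) {
        if (!isCompliant(maxFailed)) {
            throw new IllegalArgumentException(
                "maxFailed must be 1.." + STIG_MAX_FAILED_ATTEMPTS + ", got " + maxFailed);
        }
        dpm(ctx).setMaximumFailedPasswordsForWipe(admin(ctx), maxFailed);
    }

    /**
     * Read back the effective limit and evaluate it. Passing null as the admin
     * aggregates all active administrators, i.e. the strictest limit in force,
     * which is what an auditor cares about rather than this agent's own value.
     */
    public static boolean verify(Context ctx) {
        int effective = dpm(ctx).getMaximumFailedPasswordsForWipe(null);
        return isCompliant(effective);
    }

    /** Current consecutive-failure count, useful for logging alongside a finding. */
    public static int currentFailures(Context ctx) {
        return dpm(ctx).getCurrentFailedPasswordAttempts();
    }
}
```

Usage note: the agent must be an active device administrator (the user or the MDM enrolment flow grants that) before apply() succeeds, and getCurrentFailedPasswordAttempts() requires the admin to hold the watch-login policy. The check the STIG describes is done on the console, but verify() is the device-side equivalent an agent can report back so the console value and the enforced value can be compared.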