Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
KNOX-02-000900 | KNOX-02-000900 | KNOX-02-000900_rule | | Low |
Description |
---|
Password complexity, or strength, is a measure of the effectiveness of a password in resisting guessing and brute-force attacks. Remembering the prior five device unlock passwords enables the operating system to prevent those passwords from being reused, which increases the resistance against password attacks. |
STIG | Date |
---|---|
Samsung Knox Android 1.0 STIG | 2013-05-03 |
Check Text (C-KNOX-02-000900_chk) |
---|
If the local command determines that there is not a need for password rotation based on the expected operational use of the device, this requirement does not apply. This check procedure is performed using an MDM tool. Check that the appropriate setting is configured on the MDM server. For example, on the Fixmo Sentinel Administration Console: 1. Ask the MDM administrator to display the configured value for "PIN History" in the "Android Honeycomb Password Restrictions" rule. 2. Verify the configured value is 5 or less. If the configured value for "PIN History" is not 5 or less, this is a finding. |
Fix Text (F-KNOX-02-000900_fix) |
---|
Configure the mobile operating system to prohibit a user from reusing any of the last five previously used device unlock passwords. For example, on the Fixmo Sentinel Administration Console, set the "PIN History" value to 5 or less in the "Android Honeycomb Password Restrictions" rule. |