UCF STIG Viewer Logo

The mobile operating system must prohibit a user from reusing any of the last five previously used device unlock passwords.


Overview

Finding ID Version Rule ID IA Controls Severity
KNOX-02-000900 KNOX-02-000900 KNOX-02-000900_rule Low
Description
Password complexity, or strength, is a measure of the effectiveness of a password in resisting guessing and brute force attacks. Remembering the prior five device unlock passwords enables the operating system from permitting those passwords to be reused, which increases the resistance against password attacks.
STIG Date
Samsung Knox Android 1.0 STIG 2013-05-03

Details

Check Text ( C-KNOX-02-000900_chk )
If the local command determines that there is not a need for password rotation based on the expected operational use of the device, this requirement does not apply.

This check procedure is performed using an MDM tool.

Check that the appropriate setting is configured on the MDM server.

For example, on the Fixmo Sentinel Administration Console:
1. Ask the MDM administrator to display the configured value for "PIN History" in the "Android Honeycomb Password Restrictions" rule.
2. Verify the configured value is 5 or less.

If the configured value for "PIN History" is not 5 or less, this is a finding.
Fix Text (F-KNOX-02-000900_fix)
Configure the mobile operating system to prohibit a user from reusing any of the last five previously used device unlock passwords.

For example, on the Fixmo Sentinel Administration Console, set the "PIN History" value to 5 or less in the "Android Honeycomb Password Restrictions" rule.