|Finding ID||Version||Rule ID||IA Controls||Severity|
|Sensitive DoD data could be compromised if a device unlock password/passcode is not set to required length on DoD smartphones.|
|BlackBerry Playbook OS (NEA mode) Security Technical Implementation Guide (STIG)||2012-09-21|
|Check Text ( C-39061r1_chk )|
| This check applies to any mobile OS device (smartphones, tablets, etc.). |
Check a sample of 2-3 devices managed by the site to verify the device unlock password/passcode has been set to 8 or more alphanumeric characters. The exact procedure will vary, depending on the mobile OS.
Have the user show that a device unlock password/passcode has been set to 8 or more alphanumeric characters.
Mark as a finding if configuration is not set as required.
|Fix Text (F-27687r1_fix)|
|Set the smartphone minimum password/passcode length as required.|