AIOS-13-010500 - Apple iOS/iPadOS must require a valid password be successfully entered before the mobile device data is unencrypted.


Passwords provide a form of access control that prevents unauthorized individuals from accessing computing resources and sensitive data. Passwords may also be a source of entropy for generation of key encryption or data encryption keys. If a password is not required to access data, this data is accessible to any adversary who obtains physical possession of the device. Requiring that a password be successfully entered before the mobile device data is unencrypted mitigates this risk.

Note: MDF PP v2.0 requires a Password Authentication Factor and requires management of its length and complexity. It leaves open whether the existence of a password is subject to management. This STIGID addresses the configuration to require a password, which is critical to the cybersecurity posture of the device.



Install a configuration profile to require a password to unlock the device.

See Also

Item Details


References: 800-53|AC-14, CAT|I, CCI|CCI-001199, Rule-ID|SV-106567r1_rule, STIG-ID|AIOS-13-010500, Vuln-ID|V-97463

Plugin: MDM

Control ID: 6e9aeb5e68097dc10e6ec54b9a6cb6bf01d1451e813d6932bf573bcbb36e9780