Detections
Analytics
APPL-14-003060 - The macOS system must require passwords contain a minimum of one lowercase character and one uppercase character.
Information
The macOS be configured to require at least one lowercase character and one uppercase character be used when a password is created.This rule enforces password complexity by requiring users to set passwords that are less vulnerable to malicious users.
Note: The guidance for password-based authentication in NIST 800-53 (Rev 5) and NIST 800-63B state that complexity rules should be organizationally defined. The values defined are based on common complexity values, but an organization may define its own password complexity rules.
Note: The configuration profile generated must be installed from an MDM server.
Satisfies: SRG-OS-000069-GPOS-00037,SRG-OS-000070-GPOS-00038
Solution
Configure the macOS system to require at least one lowercase character and one uppercase character in password complexity by installing the "com.apple.mobiledevice.passwordpolicy" configuration profile.See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Apple_macOS_14_V2R4_STIG.zip
Item Details
Audit Name: DISA Apple macOS 14 Sonoma STIG v2r4
Category: IDENTIFICATION AND AUTHENTICATION
References: 800-53|IA-5(1)(a), CAT|II, CCI|CCI-000192, CCI|CCI-000193, CCI|CCI-004064, CCI|CCI-004066, Rule-ID|SV-259550r1038909_rule, STIG-ID|APPL-14-003060, Vuln-ID|V-259550
Plugin: Unix
Control ID: 6bd3f4e787bd2137b4adca06ae23afa6ebb5444ecc2fa431e843058df99b55f9