STIGQter STIGQter: STIG Summary: Samsung Android OS 9 with Knox 3.x COBO Use Case KPE(Legacy) Deployment Security Technical Implementation Guide Version: 1 Release: 4 Benchmark Date: 24 Jul 2020:

Samsung Android must be configured to not allow passwords that include more than two repeating or sequential characters.

DISA Rule

SV-103669r1_rule

Vulnerability Number

V-93583

Group Title

PP-MDF-301020

Rule Version

KNOX-09-000395

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Configure Samsung Android to prevent passwords from containing more than two repeating or sequential characters.

On the MDM console, for the device, in the "Knox password constraints" group:
1. Set "maximum sequential characters" to "2".
2. Set "maximum sequential numbers" to "2".

Check Contents

Review device configuration settings to confirm that passwords with two repeating or sequential characters are prevented.

This procedure is performed on both the MDM Administration console and the Samsung Android device.

On the MDM console, do the following:
1. For the device, in the "Knox password constraint" group, verify that "maximum sequential characters" is "2" or less.
2. For the device, in the "Knox password constraint" group, verify that "maximum sequential numbers" is "2" or less.

On the Samsung Android device, do the following:
1. Open Settings.
2. Tap "Lock screen".
3. Tap "Screen lock type".
4. Enter current password.
5. Tap "Password".
6. Verify that passwords with two or more sequential characters or numbers are not accepted.

If on the MDM console "maximum sequential characters" or "maximum sequential numbers" is more than "2", or on the Samsung Android device a password with two or more sequential characters or numbers is accepted, this is a finding.

Vulnerability Number

V-93583

Documentable

False

Rule Version

KNOX-09-000395

Severity Override Guidance

Review device configuration settings to confirm that passwords with two repeating or sequential characters are prevented.

This procedure is performed on both the MDM Administration console and the Samsung Android device.

On the MDM console, do the following:
1. For the device, in the "Knox password constraint" group, verify that "maximum sequential characters" is "2" or less.
2. For the device, in the "Knox password constraint" group, verify that "maximum sequential numbers" is "2" or less.

On the Samsung Android device, do the following:
1. Open Settings.
2. Tap "Lock screen".
3. Tap "Screen lock type".
4. Enter current password.
5. Tap "Password".
6. Verify that passwords with two or more sequential characters or numbers are not accepted.

If on the MDM console "maximum sequential characters" or "maximum sequential numbers" is more than "2", or on the Samsung Android device a password with two or more sequential characters or numbers is accepted, this is a finding.

Check Content Reference

M

Target Key

3497

Comments