3.4.1 Ensure 'Allow simple value' is set to 'Disabled'

Information

This recommendation pertains to passcode requirements. A simple passcode is defined as containing repeated characters, or increasing/decreasing characters (such as 123 or CBA).

Rationale:

Simple passcodes such as those with repeating, ascending, or descending character sequences are easily guessed. Preventing the selection of passwords containing such sequences increases the complexity of the passcode and reduces the ease with which an attacker may attempt to guess the passcode in order to gain access to the device.

Solution

1. Open Apple Configurator.
2. Open the Configuration Profile.
3. In the left windowpane, click on the 'Passcode' tab.
4. In the right windowpane, 'uncheck' the checkbox for 'Allow simple value'.
5. Deploy the Configuration Profile.

Impact:

None.

See Also

https://workbench.cisecurity.org/files/1806

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7b., CSCv6|16

Plugin: MDM

Control ID: a2ed5947071e61cf273db7313ae81cfdddf353f8050aa73b844bf6fc956b07b8