3.4.1 Ensure 'Allow simple value' is set to 'Disabled'

Information

This recommendation pertains to passcode requirements. A simple passcode is defined as containing repeated characters, or increasing/decreasing characters (such as 123 or CBA).

Rationale:
Simple passcodes such as those with repeating, ascending, or descending character sequences are easily guessed. Preventing the selection of passwords containing such sequences increases the complexity of the passcode and reduces the ease with which an attacker may attempt to guess the passcode in order to gain access to the device.

Solution

1. Open Apple Configurator.
2. Open the Configuration Profile.
3. In the left windowpane, click on the Passcode tab.
4. In the right windowpane, uncheck the checkbox for Allow simple value.
5. Deploy the Configuration Profile.

See Also

https://workbench.cisecurity.org/files/2141

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(1)(a), CSCv6|16

Plugin: MDM

Control ID: e2621bb5ed035e055713265b61fe1ba51c566b0f18011e4a9cd2503d33da167f