3.1.4 - AirWatch - Set the 'minimum number of character sets'

Information

This control determines if new passwords are required to satisfy a certain level of complexity. By default, iOS devices do not require such complex characters in the passcode, and the default minimum value Exchange ActiveSync policy applies for users not assigned to a mailbox policy is zero (0). The recommended setting is the minimum device password complexity is set to 1 or more characters.
Note: iOS devices implement the MinDeviceComplexCharacters configuration items as the number of special characters required in a passcode. This is an important distinction from some non-iOS EAS profile setting implementations in which this value specifies the number of character groups that are required to be present in the password (e.g., lower case alphabetical characters, upper case alphabetical characters, numerals, and non-alphanumeric characters; see MSDN Library topic on 2.2.2.36 MinDevicePasswordComplexCharacters at http://msdn.microsoft.com/en-us/library/ee201726%28v=exchg.80%29.aspx).

Solution

From the AirWatch console, open the iOS device profile. Under Passcode verify that Minimum number of complex characters is set to 1 or more.

See Also

https://workbench.cisecurity.org/files/447

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(1)(a)

Plugin: MDM

Control ID: 8676cba9f96ebf5bdc0d70d402d7f6e91a6457d29040a268df696b795a125e89