3.1.4 - MobileIron - Set the 'minimum number of character sets'

Information

This control determines if new passwords are required to satisfy a certain level of complexity. By default, iOS devices do not require such complex characters in the passcode, and the default minimum value Exchange ActiveSync policy applies for users not assigned to a mailbox policy is zero (0). The recommended setting is the minimum device password complexity is set to 1 or more characters.
Note: iOS devices implement the MinDeviceComplexCharacters configuration items as the number of special characters required in a passcode. This is an important distinction from some non-iOS EAS profile setting implementations in which this value specifies the number of character groups that are required to be present in the password (e.g., lower case alphabetical characters, upper case alphabetical characters, numerals, and non-alphanumeric characters; see MSDN Library topic on 2.2.2.36 MinDevicePasswordComplexCharacters at http://msdn.microsoft.com/en-us/library/ee201726%28v=exchg.80%29.aspx).

Solution

From the MobileIron console, open the Policies and Configs -> Policies view. Under the Security Policy verify that Minimum Number of Complex Characters is set to 1 or more.

See Also

https://workbench.cisecurity.org/files/1678

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(1)(a)

Plugin: MDM

Control ID: caf8655254d9de7d9e6b00495a7fa1202125b61193b312d9f9b88ecab7fd8cff