Title

BlackBerry devices must be protected by authenticated login procedures to unlock the device. Either CAC or Password authentication is required. The device password must not contain more than two sequential characters or more than two repeating characters. (Cat II impact)

Discussion

Authenticated device unlock is a key security control for the BlackBerry system to restrict access to DoD data by unauthorized individuals. If the password complexity is not compliant, it may be possible for a hacker to guess the password.

Check Content

This requirement can only be met via User Based Enforcement (UBE) at this time. Consult with the user to ensure there are no more than two sequential characters (for example, abc) or no more than two repeating characters (for example, 222) in the password. If the device password contains more than two sequential characters or more than two repeating characters, this is a finding.

Fix Text

Configure the device password so that there are no more than two sequential characters or no more than two repeating characters.

Additional Identifiers

Rule ID: SV-49134r3_rule

Vulnerability ID: V-37372

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.