usnistgov/macos_security
1
0
Fork 0
mirror of https://github.com/usnistgov/macos_security.git synced 2026-02-03 14:03:24 +00:00
Code Issues 21 Actions Packages Projects Releases Wiki Activity

14.3. Password Policy Supplemental duplicate entry? #268

New Issue
Closed
opened 2026-01-19 18:29:53 +00:00 by michael · 0 comments
michael commented 2026-01-19 18:29:53 +00:00
Owner
Copy Link

Originally created by @reuven-cohen on GitHub.

Summary

When creating a variation on the Password Policy for deployment, I found that one of the entries appears to be a duplicate

See XML entry in 14.3. Password Policy Supplemental to find the entries below.

Example

<dict>
<key>policyContent</key>
<string>policyAttributePassword matches '(.*[A-Z].*){1,}+'</string>
<key>policyIdentifier</key>
<string>Must have at least 1 uppercase letter</string>
<key>policyParameters</key>
<dict>
<key>minimumAlphaCharactersUpperCase</key>
<integer>1</integer>
</dict>

<dict>
<key>policyContent</key>
<string>policyAttributePassword matches '(.*[A-Z].*){1,}+'</string>
<key>policyIdentifier</key>
<string>Must have at least 1 uppercase letter</string>
<key>policyParameters</key>
<dict>
<key>minimumAlphaCharacters</key>
<integer>1</integer>
</dict>
</dict>

Suggested Fix

<dict>
<key>policyContent</key>
<string>policyAttributePassword matches '(.*[A-Za-z].*){1,}+'</string>
<key>policyIdentifier</key>
<string>Must have at least 1 Letter</string>
<key>policyParameters</key>
<dict>
<key>minimumAlphaCharacters</key>
<integer>1</integer>
</dict>
</dict>

Originally created by @reuven-cohen on GitHub. ### Summary When creating a variation on the Password Policy for deployment, I found that one of the entries appears to be a duplicate See XML entry in 14.3. Password Policy Supplemental to find the entries below. ### Example `<dict>` `<key>policyContent</key>` `<string>policyAttributePassword matches '(.*[A-Z].*){1,}+'</string>` `<key>policyIdentifier</key>` `<string>Must have at least 1 uppercase letter</string>` `<key>policyParameters</key>` `<dict>` `<key>minimumAlphaCharactersUpperCase</key>` `<integer>1</integer>` `</dict>` `<dict>` `<key>policyContent</key>` `<string>policyAttributePassword matches '(.*[A-Z].*){1,}+'</string>` `<key>policyIdentifier</key>` `<string>Must have at least 1 uppercase letter</string>` `<key>policyParameters</key>` `<dict>` `<key>minimumAlphaCharacters</key>` `<integer>1</integer>` `</dict>` `</dict>` ### Suggested Fix `<dict>` `<key>policyContent</key>` `<string>policyAttributePassword matches '(.*[A-Za-z].*){1,}+'</string>` `<key>policyIdentifier</key>` `<string>Must have at least 1 Letter</string>` `<key>policyParameters</key>` `<dict>` `<key>minimumAlphaCharacters</key>` `<integer>1</integer>` `</dict>` `</dict>`
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
michael
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: usnistgov/macos_security#268
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?