Password requires 10 or more characters
Password requires 10 or more characters
Checks that the password policy requires at least 10 characters. Requires osquery 5.4.0 or newer.
Control
Create or edit a configuration profile with the following information:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>PayloadContent</key>
<array>
<dict>
<key>PayloadDisplayName</key>
<string>Passcode</string>
<key>PayloadIdentifier</key>
<string>com.apple.mobiledevice.passwordpolicy.0668AAD7-0A80-476C-AAF7-C5F63B5E8E3D</string>
<key>PayloadType</key>
<string>com.apple.mobiledevice.passwordpolicy</string>
<key>PayloadUUID</key>
<string>0668AAD7-0A80-476C-AAF7-C5F63B5E8E3D</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>minLength</key>
<integer>10</integer>
</dict>
</array>
<key>PayloadDisplayName</key>
<string>Require password of 10 or more characters</string>
<key>PayloadIdentifier</key>
<string>com.fleetdm.passwordPolicy10Characters.D3CDEDA2-DC77-484F-92F8-68A4902800AD</string>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadUUID</key>
<string>D3CDEDA2-DC77-484F-92F8-68A4902800AD</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
</plist>
Create or edit the following script and configure it to run when the check fails:
Check
Use the policy below to verify:
SELECT 1 FROM (SELECT cast(lengthtxt as integer(2)) minlength FROM (SELECT SUBSTRING(length, 1, 2) AS lengthtxt FROM (SELECT policy_description, policy_identifier, split(policy_content, '{', 1) AS length FROM password_policy WHERE policy_identifier LIKE '%minLength')) WHERE minlength >= 10);
PowerShell commands are currently work in progress, contributions welcome.
Bash commands are currently work in progress, contributions welcome.
macOS/apple
Windows
Linux
ChromeOS
Edit page
SOC2 Type 2
© 2025 Fleet Inc.
Privacy
