| 1.1.3 Configure Secure Password Policy - Minimum Password Length | CIS F5 Networks v1.0.0 L1 | F5 | IDENTIFICATION AND AUTHENTICATION |
| 1.1.3 Configure Secure Password Policy - Required Uppercase | CIS F5 Networks v1.0.0 L1 | F5 | IDENTIFICATION AND AUTHENTICATION |
| 1.1.4 (L1) Ensure 'Minimum password length' is set to '14 or more character(s)' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.4 (L1) Ensure 'Minimum password length' is set to '14 or more character(s)' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.4 (L1) Ensure 'Minimum password length' is set to '14 or more character(s)' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.5 (L1) Ensure 'Password must meet complexity requirements' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.2.36 (L1) Ensure 'Replace a process level token' is set to 'LOCAL SERVICE, NETWORK SERVICE' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | IDENTIFICATION AND AUTHENTICATION |
| 3.4 Ensure 'PASSWORD_REUSE_MAX' Is Greater than or Equal to '20' | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| 3.5 Ensure 'PASSWORD_REUSE_TIME' Is Greater than or Equal to '365' | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| 4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins | CIS SQL Server 2008 R2 DB Engine L1 v1.7.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 5.2.7 Ensure pwd_algorithm is configured | CIS IBM AIX 7 v1.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.8 Ensure a strong password hashing algorithm is configured | CIS IBM AIX 7 v1.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.1 Ensure password creation requirements are configured - 'dcredit' | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.1 Ensure password creation requirements are configured - 'minlen' | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.1 Ensure password creation requirements are configured - 'ocredit' | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.1 Ensure password creation requirements are configured - 'ucredit' | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.1 Ensure password creation requirements are configured - retry=3 | CIS Debian Family Workstation L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.1 Ensure password creation requirements are configured - retry=3 | CIS Debian 9 Server L1 v1.0.1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.1 Ensure password creation requirements are configured - retry=3 | CIS Debian Family Server L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1.1 Ensure password expiration is 365 days or less - login.defs | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1.1 Ensure password expiration is 365 days or less - users | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1.1 Ensure password expiration is 365 days or less - users | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1.1 Ensure password expiration is 365 days or less - users | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1.2 Ensure minimum days between password changes is 7 or more - login.defs | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1.2 Ensure minimum days between password changes is 7 or more - users | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1.2 Ensure minimum days between password changes is configured - login.defs | CIS Debian Family Server L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1.2 Ensure minimum days between password changes is configured - users | CIS Debian Family Workstation L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1.2 Ensure minimum days between password changes is configured - users | CIS Debian Family Server L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1.3 Ensure password expiration warning days is 7 or more - users | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1.3 Ensure password expiration warning days is 7 or more - users | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1.3 Ensure password expiration warning days is 7 or more - users | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1.4 Ensure inactive password lock is 30 days or less - useradd | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1.4 Ensure inactive password lock is 30 days or less - users | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1.5 Ensure all users last password change date is in the past | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.3 Ensure password reuse is limited - password-auth | CIS Red Hat 6 Server L1 v3.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.3 Ensure password reuse is limited - system-auth | CIS Oracle Linux 6 Server L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.3 Ensure password reuse is limited - system-auth | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.3 Ensure password reuse is limited - system-auth | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.5.1.1 Ensure minimum days between password changes is configured - login.defs | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.5.1.1 Ensure minimum days between password changes is configured - users | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.5.1.1 Ensure password expiration is 365 days or less - login.defs | CIS CentOS 6 Server L1 v3.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.5.1.1 Ensure password expiration is 365 days or less - login.defs | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.5.1.1 Ensure password expiration is 365 days or less - users | CIS Oracle Linux 6 Server L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.5.1.1 Ensure password expiration is 365 days or less - users | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.5.1.3 Ensure password expiration warning days is 7 or more - login.defs | CIS Red Hat 6 Server L1 v3.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.5.1.3 Ensure password expiration warning days is 7 or more - users | CIS CentOS 6 Server L1 v3.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.5.1.3 Ensure password expiration warning days is 7 or more - users | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.5.1.3 Ensure password expiration warning days is 7 or more - users | CIS Oracle Linux 6 Server L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.2.1 Ensure password fields are not empty | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.3.1 Set Password Creation Requirement Parameters Using pam_cracklib - password required | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | IDENTIFICATION AND AUTHENTICATION |
