| APPL-14-003007 The macOS system must require passwords contain a minimum of one numeric character. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-14-003008 The macOS system must restrict maximum password lifetime to 60 days. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-14-003010 The macOS system must require a minimum password length of 14 characters. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-14-003011 The macOS system must require passwords contain a minimum of one special character. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| CASA-ND-000520 - The Cisco ASA must be configured to enforce password complexity by requiring that at least one uppercase character be used. | DISA STIG Cisco ASA NDM v2r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000550 - The Cisco switch must be configured to enforce a minimum 15-character password length. | DISA STIG Cisco IOS XE Switch NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000590 - The Cisco router must be configured to enforce password complexity by requiring that at least one numeric character be used. | DISA Cisco IOS Router NDM STIG v3r4 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000600 - The Cisco router must be configured to enforce password complexity by requiring that at least one special character be used. | DISA Cisco IOS Router NDM STIG v3r4 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| JUEX-NM-000270 - The Juniper EX switch must be configured to enforce a minimum 15-character password length. | DISA Juniper EX Series Network Device Management v2r3 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| MADB-10-003750 - If MariaDB authentication using passwords is employed, MariaDB must enforce the DOD standards for password lifetime. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| OL08-00-020110 - OL 8 must enforce password complexity by requiring that at least one uppercase character be used. | DISA Oracle Linux 8 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL08-00-020140 - OL 8 must require the maximum number of repeating characters of the same character class be limited to four when passwords are changed. | DISA Oracle Linux 8 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL08-00-020170 - OL 8 must require the change of at least eight characters when passwords are changed. | DISA Oracle Linux 8 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-020190 - RHEL 8 passwords for new users or password changes must have a 24 hours/1 day minimum password lifetime restriction in /etc/login.defs. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-020210 - RHEL 8 user account passwords must be configured so that existing passwords are restricted to a 60-day maximum lifetime. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-020230 - RHEL 8 passwords must have a minimum of 15 characters. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-611040 - RHEL 9 must ensure the password complexity module is enabled in the password-auth file. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-611065 - RHEL 9 must enforce password complexity by requiring that at least one lowercase character be used. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-611090 - RHEL 9 passwords must be created with a minimum of 15 characters. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-611115 - RHEL 9 must require the change of at least eight characters when passwords are changed. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-15-020140 - The SUSE operating system must enforce passwords that contain at least one lowercase character. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-15-020200 - The SUSE operating system must be configured to create or update passwords with a minimum lifetime of 24 hours (one day). | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-15-020220 - The SUSE operating system must be configured to create or update passwords with a maximum lifetime of 60 days. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-15-020260 - The SUSE operating system must employ passwords with a minimum of 15 characters. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-15-020270 - The SUSE operating system must enforce passwords that contain at least one special character. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SOL-11.1-040030 - The operating system must enforce minimum password lifetime restrictions. | DISA STIG Solaris 11 X86 v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SOL-11.1-040040 - User passwords must be at least 15 characters in length. | DISA STIG Solaris 11 X86 v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SOL-11.1-040060 - The system must require at least eight characters be changed between the old and new passwords during a password change. | DISA STIG Solaris 11 SPARC v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SOL-11.1-040070 - The system must require passwords to contain at least one uppercase alphabetic character. | DISA STIG Solaris 11 SPARC v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SOL-11.1-040070 - The system must require passwords to contain at least one uppercase alphabetic character. | DISA STIG Solaris 11 X86 v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SPLK-CL-000340 - Splunk Enterprise must be configured to enforce password complexity by requiring that at least one uppercase character be used. | DISA STIG Splunk Enterprise 8.x for Linux v2r2 STIG OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| SPLK-CL-000350 - Splunk Enterprise must be configured to enforce password complexity by requiring that at least one lowercase character be used. | DISA STIG Splunk Enterprise 8.x for Linux v2r2 STIG OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| SPLK-CL-000360 - Splunk Enterprise must be configured to enforce password complexity by requiring that at least one numeric character be used. | DISA STIG Splunk Enterprise 8.x for Linux v2r2 STIG OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| SPLK-CL-000370 - Splunk Enterprise must be configured to enforce a minimum 15-character password length. | DISA STIG Splunk Enterprise 8.x for Linux v2r2 STIG OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| SPLK-CL-000380 - Splunk Enterprise must be configured to enforce password complexity by requiring that at least one special character be used. | DISA STIG Splunk Enterprise 8.x for Linux v2r2 STIG OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| SPLK-CL-000400 - Splunk Enterprise must be configured to enforce a 60-day maximum password lifetime restriction. | DISA STIG Splunk Enterprise 8.x for Linux v2r2 STIG OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-20-010007 - The Ubuntu operating system must enforce 24 hours/1 day as the minimum password lifetime. Passwords for new users must have a 24 hours/1 day minimum password lifetime restriction. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-20-010008 - The Ubuntu operating system must enforce a 60-day maximum password lifetime restriction. Passwords for new users must have a 60-day maximum password lifetime restriction. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-20-010051 - The Ubuntu operating system must enforce password complexity by requiring that at least one lower-case character be used. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-22-411030 - Ubuntu 22.04 LTS must enforce a 60-day maximum password lifetime restriction. Passwords for new users must have a 60-day maximum password lifetime restriction. | DISA Canonical Ubuntu 22.04 LTS STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-22-611015 - Ubuntu 22.04 LTS must enforce password complexity by requiring at least one lowercase character be used. | DISA Canonical Ubuntu 22.04 LTS STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-22-611020 - Ubuntu 22.04 LTS must enforce password complexity by requiring that at least one numeric character be used. | DISA Canonical Ubuntu 22.04 LTS STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-24-400310 - Ubuntu 24.04 LTS must enforce a 60-day maximum password lifetime restriction. Passwords for new users must have a 60-day maximum password lifetime restriction. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-24-400320 - Ubuntu 24.04 LTS must enforce a minimum 15-character password length. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCSA-80-000069 - The vCenter Server passwords must be at least 15 characters in length. | DISA VMware vSphere 8.0 vCenter STIG v2r2 | VMware | IDENTIFICATION AND AUTHENTICATION |
| WN11-00-000090 - Accounts must be configured to require password expiration. | DISA Microsoft Windows 11 STIG v2r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN11-AC-000040 - The built-in Microsoft password complexity filter must be enabled. | DISA Microsoft Windows 11 STIG v2r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN22-00-000050 - Windows Server 2022 manually managed application account passwords must be at least 14 characters in length. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN22-00-000210 - Windows Server 2022 passwords must be configured to expire. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN22-AC-000050 - Windows Server 2022 maximum password age must be configured to 60 days or less. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
