| 1.1.2 Ensure 'Maximum password age' is set to '60 or fewer days, but not 0' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.3 Configure Secure Password Policy - EnsurePassword Memory | CIS F5 Networks v1.0.0 L1 | F5 | IDENTIFICATION AND AUTHENTICATION |
| 1.1.3 Configure Secure Password Policy - Maximum Duration | CIS F5 Networks v1.0.0 L1 | F5 | IDENTIFICATION AND AUTHENTICATION |
| 1.1.3 Configure Secure Password Policy - Required Numeric | CIS F5 Networks v1.0.0 L1 | F5 | IDENTIFICATION AND AUTHENTICATION |
| 5.3.1 Ensure password creation requirements are configured - 'minlen' | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.3 Ensure password reuse is limited | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1.1 Ensure password expiration is 90 days or less - login.defs | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1.2 Ensure minimum days between password changes is 7 or more - users | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1.4 Ensure inactive password lock is 30 days or less - useradd | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.3 Ensure password reuse is limited - password-auth | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.2.1 Ensure password fields are not empty | CIS Debian 8 Workstation L1 v2.0.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 8.2 Verify That There Are No Accounts With Empty Password Fields | CIS Solaris 9 v1.3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 18.2.2 Ensure 'Do not allow password expiration time longer than required by policy' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.2.5 Ensure 'Password Settings: Password Length' is set to 'Enabled: 15 or more' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.2.5 Ensure 'Password Settings: Password Length' is set to 'Enabled: 15 or more' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Force Password Change at Next Logon | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Require a Minimum of Fifty Percent Character Change in New Passwords | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Require Passwords Contain a Minimum of One Lowercase Character | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Require Passwords Contain a Minimum of One Lowercase Character | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Require Passwords Contain a Minimum of One Uppercase Character | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Force Password Change at Next Logon | NIST macOS Catalina v1.5.0 - 800-171 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Force Password Change at Next Logon | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Force Password Change at Next Logon | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Require Passwords Contain a Minimum of One Lowercase Character | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Require Passwords Contain a Minimum of One Lowercase Character | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Domain member: Maximum machine account password age | MSCT Windows Server 1903 MS v1.19.9 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Domain member: Maximum machine account password age | MSCT Windows Server 2016 MS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Domain member: Maximum machine account password age | MSCT Windows Server 2019 MS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Enforce password history | MSCT Windows 10 v1507 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Enforce password history | MSCT Windows Server v1909 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Enforce password history | MSCT Windows Server 2016 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Enforce password history | MSCT Windows Server 2019 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Maximum password age | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Maximum password age | MSCT Windows Server 2016 MS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Minimum password age | MSCT Windows Server 2016 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Force Password Change at Next Logon | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Force Password Change at Next Logon | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Require a Minimum of Fifty Percent Character Change in New Passwords | NIST macOS Monterey v1.0.0 - 800-171 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Require a Minimum of Fifty Percent Character Change in New Passwords | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Require a Minimum Password Length of 15 Characters | NIST macOS Monterey v1.0.0 - 800-171 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Require a Minimum Password Length of 15 Characters | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Require a Minimum Password Length of 15 Characters | NIST macOS Monterey v1.0.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Require Passwords Contain a Minimum of One Lowercase Character | NIST macOS Monterey v1.0.0 - 800-171 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Require Passwords Contain a Minimum of One Lowercase Character | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Require Passwords Contain a Minimum of One Lowercase Character | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Require Passwords Contain a Minimum of One Numeric Character | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Require Passwords Contain a Minimum of One Special Character | NIST macOS Monterey v1.0.0 - 800-171 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Require Passwords Contain a Minimum of One Special Character | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Require Passwords Contain a Minimum of One Uppercase Character | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Restrict Maximum Password Lifetime to 60 Days | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
