| AIX7-00-001045 - IF LDAP is used, AIX LDAP client must use SSL to authenticate with LDAP server. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-001124 - AIX root passwords must never be passed over a network in clear text form. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-002059 - AIX telnet daemon must not be running. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-002060 - AIX ftpd daemon must not be running. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-003040 - The AIX rsh daemon must be disabled. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-003041 - The AIX rlogind service must be disabled. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AOSX-15-002038 - The macOS system must be configured to disable the tftp service. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AS24-W1-000370 - The Apache web server must encrypt passwords during transmission. | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Disable Trivial File Tansfer Protocol Service | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Trivial File Tansfer Protocol Service | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Trivial File Tansfer Protocol Service | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Trivial File Tansfer Protocol Service | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| DB2X-00-004100 - If passwords are used for authentication, DB2 must transmit only encrypted representations of passwords | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| DB2X-00-004100 - If passwords are used for authentication, DB2 must transmit only encrypted representations of passwords | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Windows | Windows | IDENTIFICATION AND AUTHENTICATION |
| EP11-00-004300 - If passwords are used for authentication, the EDB Postgres Advanced Server must store only hashed, salted representations of passwords. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION |
| EP11-00-004400 - If passwords are used for authentication, the EDB Postgres Advanced Server must transmit only encrypted representations of passwords. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
| F5BI-DM-000123 - The BIG-IP appliance must only transmit encrypted representations of passwords. | DISA F5 BIG-IP Device Management STIG v2r4 | F5 | IDENTIFICATION AND AUTHENTICATION |
| JBOS-AS-000295 - The JBoss Password Vault must be used for storing passwords or other sensitive configuration information. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JBOS-AS-000300 - JBoss KeyStore and Truststore passwords must not be stored in clear text. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JBOS-AS-000305 - LDAP enabled security realm value allow-empty-passwords must be set to false. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JBOS-AS-000310 - JBoss must utilize encryption when using LDAP for authentication. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JUSX-DM-000136 - For local accounts using password authentication (i.e., the root account and the account of last resort) the Juniper SRX Services Gateway must use the SHA1 or later protocol for password authentication. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| MD3X-00-000330 - If passwords are used for authentication, MongoDB must store only hashed, salted representations of passwords. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| OH12-1X-000242 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to encrypt passwords during transmission - SSLEngine | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OH12-1X-000242 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to encrypt passwords during transmission - SSLProtocol | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OH12-1X-000242 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to encrypt passwords during transmission - SSLWallet | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OH12-1X-000243 - OHS must have the SSLCipherSuite directive enabled to encrypt passwords during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL6-00-000227 - The SSH daemon must be configured to use only the SSHv2 protocol. | DISA STIG Oracle Linux 6 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL6-00-000347 - There must be no .netrc files on the system. | DISA STIG Oracle Linux 6 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PANW-NM-000061 - The Palo Alto Networks security platform must prohibit the use of unencrypted protocols for network access to privileged accounts. | DISA STIG Palo Alto NDM v3r2 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| PGS9-00-009500 - If passwords are used for authentication, PostgreSQL must store only hashed, salted representations of passwords. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION |
| PPS9-00-004300 - If passwords are used for authentication, the EDB Postgres Advanced Server must store only hashed, salted representations of passwords. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000031 - The /etc/passwd file must not contain password hashes. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000347 - There must be no .netrc files on the system. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-010200 - The Red Hat Enterprise Linux operating system must be configured so that the PAM system service is configured to store only encrypted representations of passwords. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SPLK-CL-000080 - Splunk Enterprise must use LDAPS for the LDAP connection. | DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API | Splunk | IDENTIFICATION AND AUTHENTICATION |
| SQL6-D0-008200 - If passwords are used for authentication, SQL Server must transmit only encrypted representations of passwords. | DISA STIG SQL Server 2016 Instance DB Audit v3r4 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| TCAT-AS-000690 - LDAP authentication must be secured. | DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-18-010104 - The Ubuntu operating system must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000168 - Oracle WebLogic must encrypt passwords during transmission. | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000169 - Oracle WebLogic must utilize encryption when using LDAP for authentication. | Oracle WebLogic Server 12c Linux v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000169 - Oracle WebLogic must utilize encryption when using LDAP for authentication. | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000169 - Oracle WebLogic must utilize encryption when using LDAP for authentication. | Oracle WebLogic Server 12c Windows v2r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-000170 - The WebSphere Application Server global application security must be enabled - administrative security | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-000170 - The WebSphere Application Server global application security must be enabled - application security | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-000170 - The WebSphere Application Server global application security must be enabled - application security | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| WN10-SO-000110 - Unencrypted passwords must not be sent to third-party SMB Servers. | DISA Microsoft Windows 10 STIG v3r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN12-SO-000030 - Unencrypted passwords must not be sent to third-party SMB Servers. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN12-SO-000065 - The system must be configured to prevent the storage of the LAN Manager hash of passwords. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN16-SO-000360 - Windows Server 2016 must be configured to prevent the storage of the LAN Manager hash of passwords. | DISA Windows Server 2016 STIG v2r9 | Windows | IDENTIFICATION AND AUTHENTICATION |
