| 1.13 OL08-00-010110 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.14 OL08-00-010120 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.16 OL08-00-010130 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.53 WN10-AC-000045 | CIS Microsoft Windows 10 STIG v1.0.0 CAT I | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.82 UBTU-24-400220 | CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.216 WN10-SO-000195 | CIS Microsoft Windows 10 STIG v1.0.0 CAT I | Windows | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-037200 - AlmaLinux OS 9 PAM must be configured to use a sufficient number of password hashing rounds. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-037310 - AlmaLinux OS 9 must be configured so that libuser is configured to store only encrypted representations of passwords. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-037420 - AlmaLinux OS 9 must be configured so that the system's shadow file is configured to store only encrypted representations of passwords. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-037530 - AlmaLinux OS 9 must be configured so that the Pluggable Authentication Module is configured to store only encrypted representations of passwords. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-037640 - AlmaLinux OS 9 must be configured so that interactive user account passwords are using strong password hashes. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AZLX-23-002490 - Amazon Linux 2023 password-auth must be configured to use a sufficient number of hashing rounds. | DISA Amazon Linux 2023 STIG v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AZLX-23-002495 - Amazon Linux 2023 system-auth must be configured to use a sufficient number of hashing rounds. | DISA Amazon Linux 2023 STIG v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| CD12-00-009500 - If passwords are used for authentication, PostgreSQL must store only hashed, salted representations of passwords. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION |
| CNTR-K8-001160 - Secrets in Kubernetes must not be stored as environment variables. | DISA STIG Kubernetes v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| CNTR-K8-001161 - Sensitive information must be stored using Kubernetes Secrets or an external Secret store provider. | DISA STIG Kubernetes v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| CNTR-R2-000800 - Rancher RKE2 must store only cryptographic representations of passwords. | DISA Rancher Government Solutions RKE2 STIG v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| EPAS-00-004300 - If passwords are used for authentication, the EDB Postgres Advanced Server must store only hashed, salted representations of passwords. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION |
| JUEX-NM-000330 - The Juniper EX switch must be configured to only store cryptographic representations of passwords. | DISA Juniper EX Series Network Device Management v2r4 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| MADB-10-003800 - If passwords are used for authentication, MariaDB must store only hashed, salted representations of passwords. | DISA MariaDB Enterprise 10.x v2r4 DB | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| MYS8-00-005100 - If passwords are used for authentication, the MySQL Database Server 8.0 must store only hashed, salted representations of passwords. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| OL08-00-010110 - OL 8 must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm. | DISA Oracle Linux 8 STIG v2r8 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL08-00-010120 - OL 8 must employ FIPS 140-2 approved cryptographic hashing algorithms for all stored passwords. | DISA Oracle Linux 8 STIG v2r8 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-001050 - OL 9 must be configured so that user and group account administration utilities are configured to store only encrypted representations of passwords. | DISA Oracle Linux 9 STIG v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-001055 - OL 9 must be configured to use the shadow file to store only encrypted representations of passwords. | DISA Oracle Linux 9 STIG v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-001060 - OL 9 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-3 approved cryptographic hashing algorithm for system authentication. | DISA Oracle Linux 9 STIG v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-001065 - OL 9 password-auth must be configured to use a sufficient number of hashing rounds. | DISA Oracle Linux 9 STIG v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-001070 - OL 9 system-auth must be configured to use a sufficient number of hashing rounds. | DISA Oracle Linux 9 STIG v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-001075 - OL 9 shadow password suite must be configured to use a sufficient number of hashing rounds. | DISA Oracle Linux 9 STIG v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-001080 - OL 9 must employ FIPS 140-3 approved cryptographic hashing algorithms for all stored passwords. | DISA Oracle Linux 9 STIG v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PHTN-40-000039 - The operating system must store only encrypted representations of passwords. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-010110 - RHEL 8 must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-010120 - RHEL 8 must employ FIPS 140-2 approved cryptographic hashing algorithms for all stored passwords. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-010130 - The RHEL 8 shadow password suite must be configured to use a sufficient number of hashing rounds. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-611135 - RHEL 9 must be configured so that user and group account administration utilities are configured to store only encrypted representations of passwords. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-611140 - RHEL 9 must be configured to use the shadow file to store only encrypted representations of passwords. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-600650 - RHEL 10 must ensure that the pam_unix.so module is configured in the password-auth file to use a FIPS 140-3-approved cryptographic hashing algorithm for system authentication. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-600700 - RHEL 10 must be configured to use a sufficient number of hashing rounds for the shadow password suite. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-600710 - RHEL 10 must be configured to use a FIPS 140-3-approved cryptographic hashing algorithm for system authentication by ensuring that the pam_unix.so module is configured in the "system-auth" file. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-600720 - RHEL 10 must be configured so that password-auth uses a sufficient number of hashing rounds. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-600730 - RHEL 10 must employ FIPS 140-3-approved cryptographic hashing algorithms for all stored passwords. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-600740 - RHEL 10 must be configured to use the shadow file to store only encrypted representations of passwords. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-600750 - RHEL 10 must be configured so that user and group account administration utilities are configured to store only encrypted representations of passwords. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-15-020170 - The SUSE operating system must configure the Linux Pluggable Authentication Modules (PAM) to only store encrypted representations of passwords. | DISA SUSE Linux Enterprise Server 15 STIG v2r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-20-010070 - The Ubuntu operating system must prohibit password reuse for a minimum of five generations. | DISA Canonical Ubuntu 20.04 LTS STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-22-611055 - Ubuntu 22.04 LTS must store only encrypted representations of passwords. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-24-400220 - Ubuntu 24.04 LTS must store only encrypted representations of passwords. | DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WN11-AC-000045 - Reversible password encryption must be disabled. | DISA Microsoft Windows 11 STIG v2r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN22-SO-000300 - Windows Server 2022 must be configured to prevent the storage of the LAN Manager hash of passwords. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN25-AC-000090 - Windows Server 2025 reversible password encryption must be disabled. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
