| 2.1.4 - AirWatch - Set the 'minimum number of character sets' - 'Lower Case' | AirWatch - CIS Google Android 4 v1.0.0 L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 2.1.4 - AirWatch - Set the 'minimum number of character sets' - 'Numbers' | AirWatch - CIS Google Android 4 v1.0.0 L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 2.1.7 - AirWatch - Set the 'number of days' for 'maximum password age' | AirWatch - CIS Google Android 4 v1.0.0 L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 2.2.3 - AirWatch - Require alphanumeric value | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 2.2.5 - AirWatch - Set Minimum number of complex characters | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 2.3.6.5 (L1) Ensure 'Domain member: Maximum machine account password age' is set to '30 or fewer days, but not 0' | CIS Microsoft Windows Server 2022 v3.0.0 L1 Domain Controller | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.6.5 (L1) Ensure 'Domain member: Maximum machine account password age' is set to '30 or fewer days, but not 0' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.6.5 Ensure 'Domain member: Maximum machine account password age' is set to '30 or fewer days, but not 0' | CIS Microsoft Windows 10 Enterprise v2.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.6.5 Ensure 'Domain member: Maximum machine account password age' is set to '30 or fewer days, but not 0' | CIS Microsoft Windows 10 EMS Gateway v2.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.6.5 Ensure 'Domain member: Maximum machine account password age' is set to '30 or fewer days, but not 0' | CIS Microsoft Windows 10 Enterprise v2.0.0 L1 + BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.6 Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.7 Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.7 Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.7 Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.7 Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows Server 2019 Standalone DC L1 vCIS Microsoft Windows Server 2019 Standalone DC L1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.7 Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows Server 2019 DC L1 v2.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.7 Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.7 Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' - between 5 and 14 days | CIS Microsoft Windows 11 Stand-alone v2.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.7 Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' - between 5 and 14 days | CIS Microsoft Windows 10 Stand-alone v2.0.0 L1 + BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.7 Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' - between 5 and 14 days | CIS Microsoft Windows 10 Stand-alone v2.0.0 L1 + NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.8 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.8 Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows 10 Enterprise v2.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 3.1.2 - AirWatch - Enable 'Require alphanumeric value' | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 3.1.4 - AirWatch - Set the 'minimum number of character sets' | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 3.11.8.1 (L1) Ensure 'Do not display the password reveal button' is set to 'Enabled' | CIS Microsoft Intune for Windows 11 v3.0.1 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 5.1.2 All accounts must have a hashed password | CIS IBM AIX 7.2 L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1 maxage | CIS IBM AIX 7.2 L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.1 Setup Client-cert Authentication | CIS Apache Tomcat 7 L2 v1.1.0 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| 18.9.25.7 (L1) Ensure 'Post-authentication actions: Grace period (hours)' is set to 'Enabled: 8 or fewer hours, but not 0' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 + BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.25.7 (L1) Ensure 'Post-authentication actions: Grace period (hours)' is set to 'Enabled: 8 or fewer hours, but not 0' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.10.14.1 Ensure 'Do not display the password reveal button' is set to 'Enabled' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.10.14.1 Ensure 'Do not display the password reveal button' is set to 'Enabled' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.10.14.1 Ensure 'Do not display the password reveal button' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v2.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.10.14.1 Ensure 'Do not display the password reveal button' is set to 'Enabled' | CIS Microsoft Windows 10 EMS Gateway v2.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.10.14.1 Ensure 'Do not display the password reveal button' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v2.0.0 L1 + BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.10.14.1 Ensure 'Do not display the password reveal button' is set to 'Enabled' - Enabled | CIS Microsoft Windows 10 Stand-alone v2.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.10.14.1 Ensure 'Do not display the password reveal button' is set to 'Enabled' - Enabled | CIS Microsoft Windows 10 Stand-alone v2.0.0 L1 + NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.10.14.1 Ensure 'Do not display the password reveal button' is set to 'Enabled' - Enabled | CIS Microsoft Windows Server 2019 DC L1 v2.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.10.14.1 Ensure 'Do not display the password reveal button' is set to 'Enabled' - Enabled | CIS Microsoft Windows Server 2019 MS L1 v2.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Accounts: Limit local account use of blank passwords to console logon only | MSCT Windows 11 v22H2 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| IBM i : Block Password Change (QPWDCHGBLK) - '>=48' | IBM System i Security Reference for V7R1 and V6R1 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
| IBM i : Maximum Length of Passwords (QPWDMAXLEN) - '<= 8' | IBM iSeries Security Reference v5r4 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
| IBM i : Maximum Length of Passwords (QPWDMAXLEN) - '>=8' | IBM System i Security Reference for V7R1 and V6R1 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
| IBM i : Password Expiration Interval (QPWDEXPITV) - '30..90' | IBM iSeries Security Reference v5r4 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
| IBM i : Password Expiration Interval (QPWDEXPITV) - '90' | IBM System i Security Reference for V7R1 and V6R1 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
| IBM i : Password Rules (QPWDRULES) - '*PWDSYSVAL' | IBM System i Security Reference for V7R1 and V6R1 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
| IBM i : Required Difference in Passwords (QPWDRQDDIF) - '<= 5' | IBM iSeries Security Reference v5r4 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
| IBM i : Requirement for Numeric Character in Passwords (QPWDRQDDGT) - '1' | IBM iSeries Security Reference v5r4 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
| IBM i : Restricted Characters for Passwords (QPWDLMTCHR) | IBM System i Security Reference for V7R1 and V6R1 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
| IBM i : Restriction of Consecutive Digits for Passwords (QPWDLMTAJC) - '0' | IBM System i Security Reference for V7R1 and V6R1 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
