| 3.028 - The built-in Windows password complexity policy must be enabled. | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-001120 - AIX must enforce password complexity by requiring that at least one upper-case character be used. | DISA STIG AIX 7.x v2r9 | Unix | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000570 - The Cisco router must be configured to enforce password complexity by requiring that at least one upper-case character be used. | DISA STIG Cisco IOS XE Router NDM v2r9 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000570 - The Cisco switch must be configured to enforce password complexity by requiring that at least one upper-case character be used. | DISA STIG Cisco NX-OS Switch NDM v2r7 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| ESXI-06-000031 - The VMM must enforce password complexity by requiring that at least one upper-case character be used. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXI-65-000031 - The ESXi host must enforce password complexity by requiring that at least one upper-case character be used. | DISA STIG VMware vSphere ESXi 6.5 v2r4 | VMware | IDENTIFICATION AND AUTHENTICATION |
| GEN000600 - The system must require passwords contain at least one uppercase alphabetic character. | DISA STIG for Oracle Linux 5 v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN000600 - The system must require passwords to contain at least one uppercase alphabetic character. | DISA STIG Solaris 10 SPARC v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN000600 - The system must require passwords to contain at least one uppercase alphabetic character. | DISA STIG Solaris 10 X86 v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN000600 - The system must require that passwords contain at least one uppercase alphabetic character. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN000600-2 - Global settings defined in system-auth must be applied in the pam.d definition files - '/etc/pam.d/system-auth' | DISA STIG for Oracle Linux 5 v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN000600-2 - Global settings defined in system-auth must be applied in the pam.d definition files - 'link != /etc/pam.d/system-auth' | DISA STIG for Oracle Linux 5 v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN000600-2 - Global settings defined in system-auth must be applied in the pam.d definition files - 'link = system-auth-local' | DISA STIG for Oracle Linux 5 v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JUNI-ND-000570 - The Juniper router must be configured to enforce password complexity by requiring that at least one upper-case character be used. | DISA STIG Juniper Router NDM v2r3 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUSX-DM-000129 - For local accounts using password authentication (i.e., the root account and the account of last resort), the Juniper SRX Services Gateway must enforce password complexity by setting the password change type to character sets. | DISA Juniper SRX Services Gateway NDM v2r1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUSX-DM-000130 - For local accounts using password authentication (i.e., the root account and the account of last resort), the Juniper SRX Services Gateway must enforce password complexity by requiring at least one upper-case character be used. | DISA Juniper SRX Services Gateway NDM v2r1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-013900 - The DBMS must support organizational requirements to enforce minimum password length. | DISA STIG Oracle 11.2g v2r3 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-013900 - The DBMS must support organizational requirements to enforce minimum password length. | DISA STIG Oracle 11.2g v2r4 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-014000 - The DBMS must support organizational requirements to prohibit password reuse for the organization-defined number of generations - PASSWORD_REUSE_MAX >= 5 | DISA STIG Oracle 11.2g v2r4 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-014000 - The DBMS must support organizational requirements to prohibit password reuse for the organization-defined number of generations - PASSWORD_REUSE_MAX >= 5 | DISA STIG Oracle 11.2g v2r3 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-014000 - The DBMS must support organizational requirements to prohibit password reuse for the organization-defined number of generations - PASSWORD_REUSE_TIME >= 5 | DISA STIG Oracle 11.2g v2r3 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-014000 - The DBMS must support organizational requirements to prohibit password reuse for the organization-defined number of generations - PASSWORD_REUSE_TIME >= 5 | DISA STIG Oracle 11.2g v2r4 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-014100 - The DBMS must support organizational requirements to enforce password complexity by the number of upper-case characters used. | DISA STIG Oracle 11.2g v2r3 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-014200 - The DBMS must support organizational requirements to enforce password complexity by the number of lower-case characters used. | DISA STIG Oracle 11.2g v2r3 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-014300 - The DBMS must support organizational requirements to enforce password complexity by the number of numeric characters used. | DISA STIG Oracle 11.2g v2r3 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-014400 - The DBMS must support organizational requirements to enforce password complexity by the number of special characters used. | DISA STIG Oracle 11.2g v2r3 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-014500 - The DBMS must support organizational requirements to enforce the number of characters that get changed when passwords are changed. | DISA STIG Oracle 11.2g v2r3 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-014900 - Procedures for establishing temporary passwords that meet DoD password requirements for new accounts must be defined, documented, and implemented. | DISA STIG Oracle 11.2g v2r3 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-015200 - The DBMS must enforce password maximum lifetime restrictions. | DISA STIG Oracle 11.2g v2r4 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-015200 - The DBMS must enforce password maximum lifetime restrictions. | DISA STIG Oracle 11.2g v2r3 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O121-C2-014100 - The DBMS must support organizational requirements to enforce password complexity by the number of upper-case characters used. | DISA STIG Oracle 12c v2r9 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| OL6-00-000057 - The system must require passwords to contain at least one uppercase alphabetic character - password-auth | DISA STIG Oracle Linux 6 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL6-00-000057 - The system must require passwords to contain at least one uppercase alphabetic character - system-auth | DISA STIG Oracle Linux 6 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010118 - The Oracle Linux operating system must be configured so that /etc/pam.d/passwd implements /etc/pam.d/system-auth when changing passwords. | DISA Oracle Linux 7 STIG v2r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PANW-NM-000055 - If multifactor authentication is not available and passwords must be used, the Palo Alto Networks security platform must enforce password complexity by requiring that at least one upper-case character be used. | DISA STIG Palo Alto NDM v2r2 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000057 - The system must require passwords to contain at least one uppercase alphabetic character - password-auth. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000057 - The system must require passwords to contain at least one uppercase alphabetic character - system-auth. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-12-010150 - The SUSE operating system must enforce passwords that contain at least one upper-case character. | DISA SLES 12 STIG v2r13 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SOL-11.1-040070 - The system must require passwords to contain at least one uppercase alphabetic character. | DISA STIG Solaris 11 X86 v2r9 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SPLK-CL-000330 - Splunk Enterprise must enforce password complexity for the account of last resort by requiring that at least one upper-case character be used. | DISA STIG Splunk Enterprise 7.x for Windows v2r4 REST API | Splunk | IDENTIFICATION AND AUTHENTICATION |
| SQL6-D0-007900 - If DBMS authentication using passwords is employed, SQL Server must enforce the DoD standards for password complexity and lifetime. | DISA STIG SQL Server 2016 Instance DB Audit v2r11 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| SQL6-D0-008000 - Contained databases must use Windows principals. | DISA STIG SQL Server 2016 Instance DB Audit v2r11 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| UBTU-16-010100 - The Ubuntu operating system must enforce password complexity by requiring that at least one upper-case character be used. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-18-010100 - The Ubuntu operating system must enforce password complexity by requiring that at least one upper-case character be used. | DISA STIG Ubuntu 18.04 LTS v2r13 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCWN-06-000040 - Passwords must contain at least one uppercase character. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCWN-65-000040 - The vCenter Server for Windows passwords must contain at least one uppercase character. | DISA STIG VMware vSphere vCenter 6.5 v2r3 | VMware | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000162 - Oracle WebLogic must enforce password complexity by the number of upper-case characters used. | Oracle WebLogic Server 12c Linux v2r1 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000162 - Oracle WebLogic must enforce password complexity by the number of upper-case characters used. | Oracle WebLogic Server 12c Windows v2r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000162 - Oracle WebLogic must enforce password complexity by the number of upper-case characters used. | Oracle WebLogic Server 12c Linux v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WN22-AC-000080 - Windows Server 2022 must have the built-in Windows password complexity policy enabled. | DISA Windows Server 2022 STIG v1r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
