| 3.070 - The system is configured to permit storage of credentials or .NET Passports. | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 3.129 - User Account Control - Built In Admin Approval Mode | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 3.131 - User Account Control - Behavior of elevation prompt for standard users. | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 3.137 - User Account Control - Run all admins in Admin Approval Mode | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 5.2.4 Ensure users must provide password for escalation | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.5 Ensure users must re-authenticate for privilege escalation | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.7 Ensure sudo authentication timeout is configured - sudo command. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.042 - Terminal Services is not configured to always prompt a client for passwords upon connection. | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 5.116 - Terminal Services / Remote Desktop Service - Prevent password saving in the Remote Desktop Client | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 5.224 - Power Mgmt - Password Wake on Battery | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 5.225 - Power Mgmt - Password Wake When Plugged In | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| APPL-13-004022 - The macOS system must require users to reauthenticate for privilege escalation when using the 'sudo' command. | DISA STIG Apple macOS 13 v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Require users to reauthenticate for privilege escalation | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Require users to reauthenticate when changing authenticators | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Require users to reauthenticate when changing authenticators | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Require users to reauthenticate when changing authenticators | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Require users to reauthenticate when changing authenticators | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| CASA-VN-000360 - The Cisco ASA VPN gateway must be configured to renegotiate the IKE security association after 24 hours or less. | DISA STIG Cisco ASA VPN v1r3 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Require users to reauthenticate for privilege escalation | NIST macOS Catalina v1.5.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Require users to reauthenticate when changing authenticators | NIST macOS Catalina v1.5.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| F5BI-AP-000230 - The F5 BIG-IP appliance must be configured to set a 'Maximum Session Timeout' value of 8 hours or less. | DISA F5 BIG-IP Access Policy Manager STIG v2r3 | F5 | IDENTIFICATION AND AUTHENTICATION |
| MD4X-00-005600 - MongoDB must require users to reauthenticate when organization-defined circumstances or situations require reauthentication. | DISA STIG MongoDB Enterprise Advanced 4.x v1r2 OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Require users to reauthenticate for privilege escalation | NIST macOS Monterey v1.0.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Require users to reauthenticate when changing authenticators | NIST macOS Monterey v1.0.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Require users to reauthenticate when changing authenticators | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Require users to reauthenticate when changing authenticators | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Require users to reauthenticate when changing authenticators | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| MYS8-00-010400 - The MySQL Database Server 8.0 must require users to reauthenticate when organization-defined circumstances or situations require reauthentication. | DISA Oracle MySQL 8.0 v1r5 DB | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| OL6-00-000537 - The Oracle Linux operating system must require re-authentication when using the 'sudo' command - sudo command. | DISA STIG Oracle Linux 6 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL6-00-000539 - The Oracle Linux operating system must not be configured to bypass password requirements for privilege escalation. | DISA STIG Oracle Linux 6 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010343 - The Oracle Linux operating system must require re-authentication when using the 'sudo' command - sudo command. | DISA Oracle Linux 7 STIG v2r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010344 - The Oracle Linux operating system must not be configured to bypass password requirements for privilege escalation. | DISA Oracle Linux 7 STIG v2r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010350 - The Oracle Linux operating system must be configured so users must re-authenticate for privilege escalation. | DISA Oracle Linux 7 STIG v2r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PHTN-30-000062 - The Photon operating system must require users to reauthenticate for privilege escalation. | DISA STIG VMware vSphere 7.0 Photon OS v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PHTN-67-000065 - The Photon operating system must require users to reauthenticate for privilege escalation. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-010344 - The Red Hat Enterprise Linux operating system must not be configured to bypass password requirements for privilege escalation. | DISA Red Hat Enterprise Linux 7 STIG v3r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-12-010113 - The SUSE operating system must require re-authentication when using the 'sudo' command - sudo command. | DISA SLES 12 STIG v2r13 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-12-010114 - The SUSE operating system must not be configured to bypass password requirements for privilege escalation. | DISA SLES 12 STIG v2r13 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-15-020102 - The SUSE operating system must require re-authentication when using the 'sudo' command. | DISA SLES 15 STIG v1r12 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-15-020104 - The SUSE operating system must not be configured to bypass password requirements for privilege escalation. | DISA SLES 15 STIG v1r12 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SYMP-AG-000310 - Symantec ProxySG providing user authentication intermediary services must require users to reauthenticate every 900 seconds when organization-defined circumstances or situations require reauthentication - coreid | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-AG-000310 - Symantec ProxySG providing user authentication intermediary services must require users to reauthenticate every 900 seconds when organization-defined circumstances or situations require reauthentication - iwa | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-AG-000310 - Symantec ProxySG providing user authentication intermediary services must require users to reauthenticate every 900 seconds when organization-defined circumstances or situations require reauthentication - RADIUS | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| WN11-CC-000270 - Passwords must not be saved in the Remote Desktop Client. | DISA Windows 11 STIG v1r5 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN11-CC-000280 - Remote Desktop Services must always prompt a client for passwords upon connection. | DISA Windows 11 STIG v1r5 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN11-CC-000355 - The Windows Remote Management (WinRM) service must not store RunAs credentials. | DISA Windows 11 STIG v1r5 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN11-SO-000255 - User Account Control must automatically deny elevation requests for standard users. | DISA Windows 11 STIG v1r5 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN11-SO-000270 - User Account Control must run all administrators in Admin Approval Mode, enabling UAC. | DISA Windows 11 STIG v1r5 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN22-CC-000340 - Windows Server 2022 must not save passwords in the Remote Desktop Client. | DISA Windows Server 2022 STIG v1r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN22-CC-000520 - Windows Server 2022 Windows Remote Management (WinRM) service must not store RunAs credentials. | DISA Windows Server 2022 STIG v1r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
