Detections
Analytics

800-53|IA-2(5)

Title

GROUP AUTHENTICATION

Description

The organization requires individuals to be authenticated with an individual authenticator when a group authenticator is employed.

Supplemental

Requiring individuals to use individual authenticators as a second level of authentication helps organizations to mitigate the risk of using group authenticators.

Reference Item Details

Category: IDENTIFICATION AND AUTHENTICATION

Parent Title: IDENTIFICATION AND AUTHENTICATION (ORGANIZATIONAL USERS)

Family: IDENTIFICATION AND AUTHENTICATION

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.23 APPL-14-000090UnixCIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II
1.24 APPL-14-000100UnixCIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II
1.52 APPL-14-001100UnixCIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II
1.74 UBTU-22-411010UnixCIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II
1.81 UBTU-24-400110UnixCIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II
1.98 OL08-00-010550UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
1.210 RHEL-09-255045UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.339 RHEL-09-611160UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
5.1.20 Ensure sshd PermitRootLogin is disabledUnixCIS Rocky Linux 10 v1.0.0 L1 Workstation
5.1.20 Ensure sshd PermitRootLogin is disabledUnixCIS Rocky Linux 10 v1.0.0 L1 Server
5.1.21 Ensure sshd PermitRootLogin is disabledUnixCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG
5.1.21 Ensure sshd PermitRootLogin is disabledUnixCIS Red Hat Enterprise Linux 8 STIG v2.0.0 L1 Server
5.1.21 Ensure sshd PermitRootLogin is disabledUnixCIS Red Hat Enterprise Linux 8 STIG v2.0.0 L1 Workstation
AIX7-00-001011 - Direct logins to the AIX system must not be permitted to shared accounts, default accounts, application accounts, and utility accounts.UnixDISA STIG AIX 7.x v3r1
ALMA-09-034780 - AlmaLinux OS 9 must not permit direct logons to the root account using remote access via SSH.UnixDISA Cloud Linux AlmaLinux OS 9 STIG v1r6
AOSX-13-000565 - The macOS system must require individuals to be authenticated with an individual authenticator prior to using a group authenticator.UnixDISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-001100 - The macOS system must require individuals to be authenticated with an individual authenticator prior to using a group authenticator.UnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-001100 - The macOS system must require individuals to be authenticated with an individual authenticator prior to using a group authenticator.UnixDISA STIG Apple Mac OSX 10.15 v1r10
APPL-11-001100 - The macOS system must require individuals to be authenticated with an individual authenticator prior to using a group authenticator.UnixDISA STIG Apple macOS 11 v1r5
APPL-11-001100 - The macOS system must require individuals to be authenticated with an individual authenticator prior to using a group authenticator.UnixDISA STIG Apple macOS 11 v1r8
APPL-12-001100 - The macOS system must require individuals to be authenticated with an individual authenticator prior to using a group authenticator.UnixDISA STIG Apple macOS 12 v1r9
APPL-13-001100 - The macOS system must require individuals to be authenticated with an individual authenticator prior to using a group authenticator.UnixDISA STIG Apple macOS 13 v1r5
APPL-14-000090 - The macOS system must disable logon to other user's active and locked sessions.UnixDISA Apple macOS 14 Sonoma STIG v2r4
APPL-14-000100 - The macOS system must disable root logon.UnixDISA Apple macOS 14 Sonoma STIG v2r4
APPL-14-001100 - The macOS system must disable root logon for SSH.UnixDISA Apple macOS 14 Sonoma STIG v2r4
AZLX-23-001240 - Amazon Linux 2023 must not permit direct logons to the root account using remote access via SSH.UnixDISA Amazon Linux 2023 STIG v1r2
Big Sur - Disable Login to Other User's Active and Locked SessionsUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Disable Login to Other User's Active and Locked SessionsUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Disable Login to Other User's Active and Locked SessionsUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Disable Login to Other User's Active and Locked SessionsUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Disable Login to Other User's Active and Locked SessionsUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Disable Login to Other User's Active and Locked SessionsUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Disable Login to Other User's Active and Locked SessionsUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Disable Login to Other User's Active and Locked SessionsUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Disable Login to Other User's Active and Locked SessionsUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Disable Root LoginUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Disable Root LoginUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Disable Root LoginUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Disable Root LoginUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Disable Root LoginUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Disable Root LoginUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Disable Root LoginUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Disable Root LoginUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Disable Root LoginUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Disable Root Login for SSHUnixNIST macOS Big Sur v1.4.0 - All Profiles
Catalina - Disable Login to Other User's Active and Locked SessionsUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Disable Login to Other User's Active and Locked SessionsUnixNIST macOS Catalina v1.5.0 - 800-53r5 Low
Catalina - Disable Login to Other User's Active and Locked SessionsUnixNIST macOS Catalina v1.5.0 - 800-171
Catalina - Disable Login to Other User's Active and Locked SessionsUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Disable Login to Other User's Active and Locked SessionsUnixNIST macOS Catalina v1.5.0 - All Profiles