800-53|IA-5(1)(d)

Title

PASSWORD-BASED AUTHENTICATION

Description

Enforces password minimum and maximum lifetime restrictions of [Assignment: organization-defined numbers for lifetime minimum, lifetime maximum];

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Category: IDENTIFICATION AND AUTHENTICATION

Family: IDENTIFICATION AND AUTHENTICATION

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.1.1.8 Set 'Minimum password age' to '1 or more day(s)'	Windows	CIS Windows 8 L1 v1.0.0
1.1.1.9 Set 'Maximum password age' to '60 or fewer days'	Windows	CIS Windows 8 L1 v1.0.0
1.1.2 - /etc/security/user - 'minage >= 1'	Unix	CIS AIX 5.3/6.1 L1 v1.1.0
1.1.2 Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'	Windows	CIS Windows 7 Workstation Level 1 v3.2.0
1.1.2 Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'	Windows	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
1.1.3 - /etc/security/user - 'maxage <= 13' but not 0	Unix	CIS AIX 5.3/6.1 L1 v1.1.0
1.1.3 Ensure 'Minimum password age' is set to '1 or more day(s)'	Windows	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
1.1.3 Ensure 'Minimum password age' is set to '1 or more day(s)'	Windows	CIS Windows 7 Workstation Level 1 v3.2.0
1.1.3.5.4 Set 'Domain member: Maximum machine account password age' to '30 or fewer day(s)'	Windows	CIS Windows 8 L1 v1.0.0
1.1.10 - /etc/security/user - 'maxexpired <= 2'	Unix	CIS AIX 5.3/6.1 L1 v1.1.0
1.2 Password Security Policy - f) The validity period of an account can be configured	ZTE_ROSNG	Tenable ZTE ROSNG
1.2 WN19-00-000020	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.2 WN19-00-000020	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.3.4 Ensure 'Required Password Change Period' is less than or equal to 90 days	Palo_Alto	CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0
1.3.4 Ensure 'Required Password Change Period' is less than or equal to 90 days	Palo_Alto	CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0
1.4 Ensure 'Automatically Lock' is set to 'Immediately'	MDM	MobileIron - CIS Google Android v1.3.0 L1
1.4 Ensure 'Automatically Lock' is set to 'Immediately'	MDM	AirWatch - CIS Google Android v1.3.0 L1
1.4 Ensure 'Automatically Lock' is set to 'Immediately'	MDM	AirWatch - CIS Google Android 7 v1.0.0 L1
1.4 Ensure 'Automatically Lock' is set to 'Immediately'	MDM	MobileIron - CIS Google Android 7 v1.0.0 L1
1.5 Ensure 'Power button instantly locks' is set to 'Enabled'	MDM	AirWatch - CIS Google Android v1.3.0 L1
1.5 Ensure 'Power button instantly locks' is set to 'Enabled'	MDM	MobileIron - CIS Google Android v1.3.0 L1
1.5 Ensure 'Power button instantly locks' is set to Enabled	MDM	AirWatch - CIS Google Android 7 v1.0.0 L1
1.5 Ensure 'Power button instantly locks' is set to Enabled	MDM	MobileIron - CIS Google Android 7 v1.0.0 L1
1.5 Ensure Password Expiration is set to 90 days	CheckPoint	CIS Check Point Firewall L1 v1.1.0
1.6 WN19-00-000060	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.6 WN19-00-000060	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.8 Set a system-wide password expiration	SybaseDB	CIS Sybase 15.0 L2 DB v1.1.0
1.21 WN19-00-000210	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.21 WN19-00-000210	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.30 WN19-00-000300	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.30 WN19-00-000300	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.31 WN19-00-000310	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.31 WN19-00-000310	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.52 WN19-AC-000050	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.52 WN19-AC-000050	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.53 WN19-AC-000060	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.53 WN19-AC-000060	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.190 WN19-DC-000430	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.217 WN19-SO-000100	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.217 WN19-SO-000100	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
10.1.1 Set Password Expiration Days	Unix	CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0
10.1.1 Set Password Expiration Days	Unix	CIS Debian Linux 7 L1 v1.0.0
10.1.2 Set Password Change Minimum Number of Days	Unix	CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0
10.1.2 Set Password Change Minimum Number of Days	Unix	CIS Debian Linux 7 L1 v1.0.0
10.1.3 Set Password Expiring Warning Days	Unix	CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0
10.1.3 Set Password Expiring Warning Days	Unix	CIS Debian Linux 7 L1 v1.0.0
18.2.2 Ensure 'Do not allow password expiration time longer than required by policy' is set to 'Enabled'	Windows	CIS Windows 7 Workstation Level 1 v3.2.0
18.2.2 Ensure 'Do not allow password expiration time longer than required by policy' is set to 'Enabled'	Windows	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
18.2.6 Ensure 'Password Settings: Password Age (Days)' is set to 'Enabled: 30 or fewer'	Windows	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
18.2.6 Ensure 'Password Settings: Password Age (Days)' is set to 'Enabled: 30 or fewer'	Windows	CIS Windows 7 Workstation Level 1 v3.2.0

Detections

Analytics

800-53|IA-5(1)(d)

Title

Description

Reference Item Details

Audit Items