800-53|IA-5(1)(d)

Title

PASSWORD-BASED AUTHENTICATION

Description

Enforces password minimum and maximum lifetime restrictions of [Assignment: organization-defined numbers for lifetime minimum, lifetime maximum];

Reference Item Details

Category: IDENTIFICATION AND AUTHENTICATION

Family: IDENTIFICATION AND AUTHENTICATION

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.1.8 Set 'Minimum password age' to '1 or more day(s)'WindowsCIS Windows 8 L1 v1.0.0
1.1.1.9 Set 'Maximum password age' to '60 or fewer days'WindowsCIS Windows 8 L1 v1.0.0
1.1.2 - /etc/security/user - 'minage >= 1'UnixCIS AIX 5.3/6.1 L1 v1.1.0
1.1.2 Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'WindowsCIS Windows 7 Workstation Level 1 v3.2.0
1.1.2 Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'WindowsCIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
1.1.3 - /etc/security/user - 'maxage <= 13' but not 0UnixCIS AIX 5.3/6.1 L1 v1.1.0
1.1.3 Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
1.1.3 Ensure 'Minimum password age' is set to '1 or more day(s)'WindowsCIS Windows 7 Workstation Level 1 v3.2.0
1.1.3.5.4 Set 'Domain member: Maximum machine account password age' to '30 or fewer day(s)'WindowsCIS Windows 8 L1 v1.0.0
1.1.10 - /etc/security/user - 'maxexpired <= 2'UnixCIS AIX 5.3/6.1 L1 v1.1.0
1.2 Password Security Policy - f) The validity period of an account can be configuredZTE_ROSNGTenable ZTE ROSNG
1.2 WN19-00-000020WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.2 WN19-00-000020WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.3.4 Ensure 'Required Password Change Period' is less than or equal to 90 daysPalo_AltoCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0
1.3.4 Ensure 'Required Password Change Period' is less than or equal to 90 daysPalo_AltoCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0
1.4 Ensure 'Automatically Lock' is set to 'Immediately'MDMMobileIron - CIS Google Android v1.3.0 L1
1.4 Ensure 'Automatically Lock' is set to 'Immediately'MDMAirWatch - CIS Google Android v1.3.0 L1
1.4 Ensure 'Automatically Lock' is set to 'Immediately'MDMAirWatch - CIS Google Android 7 v1.0.0 L1
1.4 Ensure 'Automatically Lock' is set to 'Immediately'MDMMobileIron - CIS Google Android 7 v1.0.0 L1
1.5 Ensure 'Power button instantly locks' is set to 'Enabled'MDMAirWatch - CIS Google Android v1.3.0 L1
1.5 Ensure 'Power button instantly locks' is set to 'Enabled'MDMMobileIron - CIS Google Android v1.3.0 L1
1.5 Ensure 'Power button instantly locks' is set to EnabledMDMAirWatch - CIS Google Android 7 v1.0.0 L1
1.5 Ensure 'Power button instantly locks' is set to EnabledMDMMobileIron - CIS Google Android 7 v1.0.0 L1
1.5 Ensure Password Expiration is set to 90 daysCheckPointCIS Check Point Firewall L1 v1.1.0
1.6 WN19-00-000060WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.6 WN19-00-000060WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.8 Set a system-wide password expirationSybaseDBCIS Sybase 15.0 L2 DB v1.1.0
1.21 WN19-00-000210WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.21 WN19-00-000210WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.30 WN19-00-000300WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.30 WN19-00-000300WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.31 WN19-00-000310WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.31 WN19-00-000310WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.52 WN19-AC-000050WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.52 WN19-AC-000050WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.53 WN19-AC-000060WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.53 WN19-AC-000060WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.190 WN19-DC-000430WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.217 WN19-SO-000100WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.217 WN19-SO-000100WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
10.1.1 Set Password Expiration DaysUnixCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0
10.1.1 Set Password Expiration DaysUnixCIS Debian Linux 7 L1 v1.0.0
10.1.2 Set Password Change Minimum Number of DaysUnixCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0
10.1.2 Set Password Change Minimum Number of DaysUnixCIS Debian Linux 7 L1 v1.0.0
10.1.3 Set Password Expiring Warning DaysUnixCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0
10.1.3 Set Password Expiring Warning DaysUnixCIS Debian Linux 7 L1 v1.0.0
18.2.2 Ensure 'Do not allow password expiration time longer than required by policy' is set to 'Enabled'WindowsCIS Windows 7 Workstation Level 1 v3.2.0
18.2.2 Ensure 'Do not allow password expiration time longer than required by policy' is set to 'Enabled'WindowsCIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
18.2.6 Ensure 'Password Settings: Password Age (Days)' is set to 'Enabled: 30 or fewer'WindowsCIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
18.2.6 Ensure 'Password Settings: Password Age (Days)' is set to 'Enabled: 30 or fewer'WindowsCIS Windows 7 Workstation Level 1 v3.2.0