800-53|IA-5(1)(f)

Title

PASSWORD-BASED AUTHENTICATION

Description

Allows the use of a temporary password for system logons with an immediate change to a permanent password.

Reference Item Details

Category: IDENTIFICATION AND AUTHENTICATION

Family: IDENTIFICATION AND AUTHENTICATION

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.10 Ensure Force users to change password at first login after password was changed from Users page is selectedCheckPointCIS Check Point Firewall L1 v1.1.0
2.4 Password Security - 'security.passwd.firstlogin.enable = on'NetAppTNS NetApp Data ONTAP 7G
AIX7-00-001131 - AIX must implement a way to force an identified temporary user to renew their password at next login.UnixDISA STIG AIX 7.x v2r5
Big Sur - Force Password Change at Next LogonUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Force Password Change at Next LogonUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Force Password Change at Next LogonUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Force Password Change at Next LogonUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Force Password Change at Next LogonUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Force Password Change at Next LogonUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Force Password Change at Next LogonUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Force Password Change at Next LogonUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Force Password Change at Next LogonUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Low
Catalina - Force Password Change at Next LogonUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Force Password Change at Next LogonUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Force Password Change at Next LogonUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Force Password Change at Next LogonUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Force Password Change at Next LogonUnixNIST macOS Catalina v1.5.0 - 800-171
Catalina - Force Password Change at Next LogonUnixNIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Force Password Change at Next LogonUnixNIST macOS Catalina v1.5.0 - 800-53r4 Low
Catalina - Force Password Change at Next LogonUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Force Password Change at Next LogonUnixNIST macOS Catalina v1.5.0 - 800-53r5 Low
DG0066-ORACLE11 - Procedures for establishing temporary passwords that meet DoD password requirements for new accounts should be defined, documented and implemented.UnixDISA STIG Oracle 11 Installation v9r1 Linux
DG0066-ORACLE11 - Procedures for establishing temporary passwords that meet DoD password requirements for new accounts should be defined, documented and implemented.WindowsDISA STIG Oracle 11 Installation v9r1 Windows
DKER-EE-001100 - LDAP integration in Docker Enterprise must be configured.UnixDISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r1
F5BI-DM-000229 - The BIG-IP appliance must be configured to allow the use of a temporary password for system logons with an immediate change to a permanent password.F5DISA F5 BIG-IP Device Management 11.x STIG v2r1
FGFW-ND-000250 - The FortiGate device must not have any default manufacturer passwords when deployed.FortiGateDISA Fortigate Firewall NDM STIG v1r1
Monterey - Force Password Change at Next LogonUnixNIST macOS Monterey v1.0.0 - 800-171
Monterey - Force Password Change at Next LogonUnixNIST macOS Monterey v1.0.0 - 800-53r5 Moderate
Monterey - Force Password Change at Next LogonUnixNIST macOS Monterey v1.0.0 - CNSSI 1253
Monterey - Force Password Change at Next LogonUnixNIST macOS Monterey v1.0.0 - 800-53r5 Low
Monterey - Force Password Change at Next LogonUnixNIST macOS Monterey v1.0.0 - 800-53r4 High
Monterey - Force Password Change at Next LogonUnixNIST macOS Monterey v1.0.0 - 800-53r5 High
Monterey - Force Password Change at Next LogonUnixNIST macOS Monterey v1.0.0 - 800-53r4 Low
Monterey - Force Password Change at Next LogonUnixNIST macOS Monterey v1.0.0 - All Profiles
Monterey - Force Password Change at Next LogonUnixNIST macOS Monterey v1.0.0 - 800-53r4 Moderate
PANW-NM-000114 - The Palo Alto Networks security platform must allow the use of a temporary password for system logons with an immediate change to a permanent password.Palo_AltoDISA STIG Palo Alto NDM v2r1
SYMP-NM-000270 - Symantec ProxySG must not have a default manufacturer passwords when deployed.BlueCoatDISA Symantec ProxySG Benchmark NDM v1r2
UBTU-16-010680 - User accounts with temporary passwords, must require an immediate change to a permanent password after login.UnixDISA STIG Ubuntu 16.04 LTS v2r3
UBTU-18-010112 - The Ubuntu operating system must allow the use of a temporary password for system logons with an immediate change to a permanent password.UnixDISA STIG Ubuntu 18.04 LTS v2r7
UBTU-20-010440 - The Ubuntu operating system must allow the use of a temporary password for system logons with an immediate change to a permanent password.UnixDISA STIG Ubuntu 20.04 LTS v1r4