CCI|CCI-000196

Title

The information system, for password-based authentication, stores only cryptographically-protected passwords.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.13 OL08-00-010110UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
1.14 OL08-00-010120UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
1.15 IBMW-LS-000440UnixCIS IBM WebSphere Liberty Server STIG v1.0.0 CAT I
1.16 OL08-00-010130UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
1.24 CISC-ND-000620CiscoCIS Cisco IOS Switch NDM STIG v1.1.0 CAT I
1.32 MADB-10-003800UnixCIS MariaDB Enterprise 10.x STIG v1.1.0 CAT I Unix
1.53 WN10-AC-000045WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT I
1.56 WN16-AC-000090WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT I
1.56 WN16-AC-000090WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT I
1.56 WN19-AC-000090WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT I
1.56 WN19-AC-000090WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT I
1.56 WN22-AC-000090WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT I
1.56 WN22-AC-000090WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT I
1.70 O19C-00-014800OracleDBCIS Oracle Database 19c STIG v1.1.0 CAT I OracleDB
1.82 UBTU-24-400220UnixCIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II
1.84 SOL-11.1-040130UnixCIS Solaris 11 SPARC STIG v1.0.0 CAT II
1.84 SOL-11.1-040130UnixCIS Solaris 11 X86 STIG v1.0.0 CAT II
1.91 SLES-15-020170UnixCIS SUSE Linux Enterprise Server 15 STIG v1.0.0 CAT II
1.92 SLES-15-020180UnixCIS SUSE Linux Enterprise Server 15 STIG v1.0.0 CAT II
1.94 SLES-15-020190UnixCIS SUSE Linux Enterprise Server 15 STIG v1.0.0 CAT II
1.98 UBTU-22-611055UnixCIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II
1.216 WN10-SO-000195WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT I
1.235 WN16-SO-000360WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT I
1.235 WN16-SO-000360WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT I
1.237 WN19-SO-000300WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT I
1.237 WN19-SO-000300WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT I
1.237 WN22-SO-000300WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT I
1.237 WN22-SO-000300WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT I
1.319 RHEL-09-611050UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.320 RHEL-09-611055UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.335 RHEL-09-611135UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.336 RHEL-09-611140UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.447 RHEL-09-671015UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.449 RHEL-09-671025UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
3.057 - Reversible password encryption is not disabled.WindowsDISA Windows Vista STIG v6r41
3.073 - The system must be configured to prevent the storage of the LAN Manager hash of passwords.WindowsDISA Windows Vista STIG v6r41
5.4.3 Ensure password hashing algorithm is SHA-512UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
5.5.1.6 Ensure shadow file is configured to use only encrypted representations of passwordsUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
5.5.6 Ensure user and group account administration utilities are configured to store only encrypted representations of passwordsUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AIX7-00-001007 - If AIX is using LDAP for authentication or account information, the /etc/ldap.conf file (or equivalent) must not contain passwords.UnixDISA IBM AIX 7.x STIG v3r2
AIX7-00-003101 - The AIX system must have no .netrc files on the system.UnixDISA IBM AIX 7.x STIG v3r2
Big Sur - Encrypt Stored PasswordsUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Encrypt Stored PasswordsUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Encrypt Stored PasswordsUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Encrypt Stored PasswordsUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Encrypt Stored PasswordsUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Encrypt Stored PasswordsUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Encrypt Stored PasswordsUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Encrypt Stored PasswordsUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Encrypt Stored PasswordsUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253