| ๐ผ IA-1 Policy and Procedures (L)(M)(H) | | | | |
| ๐ผ IA-2 Identification and Authentication (Organizational Users) (L)(M)(H) | 4 | | | |
| ย ย ย ย ๐ผ IA-2(1) Multi-factor Authentication to Privileged Accounts (L)(M)(H) | | | 2 | |
| ย ย ย ย ๐ผ IA-2(2) Multi-factor Authentication to Non-privileged Accounts (L)(M)(H) | | | 2 | |
| ย ย ย ย ๐ผ IA-2(8) Access to Accounts โ Replay Resistant (L)(M)(H) | | | 2 | |
| ย ย ย ย ๐ผ IA-2(12) Acceptance of PIV Credentials (L)(M)(H) | | | | |
| ๐ผ IA-4 Identifier Management (L)(M)(H) | | | 1 | |
| ๐ผ IA-5 Authenticator Management (L)(M)(H) | 1 | | 17 | |
| ย ย ย ย ๐ผ IA-5(1) Password-based Authentication (L)(M)(H) | | | 4 | |
| ๐ผ IA-6 Authentication Feedback (L)(M)(H) | | | 1 | |
| ๐ผ IA-7 Cryptographic Module Authentication (L)(M)(H) | | | | |
| ๐ผ IA-8 Identification and Authentication (Non-organizational Users) (L)(M)(H) | 3 | | | |
| ย ย ย ย ๐ผ IA-8(1) Acceptance of PIV Credentials from Other Agencies (L)(M)(H) | | | | |
| ย ย ย ย ๐ผ IA-8(2) Acceptance of External Authenticators (L)(M)(H) | | | | |
| ย ย ย ย ๐ผ IA-8(4) Use of Defined Profiles (L)(M)(H) | | | | |
| ๐ผ IA-11 Re-authentication (L)(M)(H) | | | | |