๐ผ IA-5 (1) PASSWORD-BASED AUTHENTICATION
- Contextual name: ๐ผ IA-5 (1) PASSWORD-BASED AUTHENTICATION
- ID:
/frameworks/nist-sp-800-53-r4/ia/05/01 - Located in: ๐ผ IA-5 AUTHENTICATOR MANAGEMENT
Descriptionโ
The information system, for password-based authentication: IA-5 (1)(a) Enforces minimum password complexity of [Assignment: organization-defined requirements for case sensitivity, number of characters, mix of upper-case letters, lower-case letters, numbers, and special characters, including minimum requirements for each type]; IA-5 (1)(b) Enforces at least the following number of changed characters when new passwords are created: [Assignment: organization-defined number]; IA-5 (1)(c) Stores and transmits only cryptographically-protected passwords; IA-5 (1)(d) Enforces password minimum and maximum lifetime restrictions of [Assignment: organization-defined numbers for lifetime minimum, lifetime maximum]; IA-5 (1)(e) Prohibits password reuse for [Assignment: organization-defined number] generations; and IA-5 (1)(f) Allows the use of a temporary password for system logons with an immediate change to a permanent password.
Similarโ
- Internal
- ID:
dec-c-4febd0a5
- ID:
Sub Sectionsโ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|