| AIOS-12-000100 - Apple iOS must be configured to enforce a minimum password length of six characters. | MobileIron - DISA Apple iOS 12 v2r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| AIOS-13-000100 - Apple iOS/iPadOS must be configured to enforce a minimum password length of six characters. | MobileIron - DISA Apple iOS/iPadOS 13 v2r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| AMLS-NM-000110 - The Arista Multilayer Switch account of last resort must have a password with a length of 15 characters. | DISA STIG Arista MLS DCS-7000 Series NDM v1r4 | Arista | IDENTIFICATION AND AUTHENTICATION |
| AOSX-13-000590 - The macOS system must enforce a minimum 15-character password length. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AOSX-14-003010 - The macOS system must enforce a minimum 15-character password length. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AOSX-14-003011 - The macOS system must enforce password complexity by requiring that at least one special character be used - allowSimple | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AOSX-14-003011 - The macOS system must enforce password complexity by requiring that at least one special character be used - minComplexChars | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AOSX-15-003011 - The macOS system must enforce password complexity by requiring that at least one special character be used - allowSimple | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AOSX-15-003011 - The macOS system must enforce password complexity by requiring that at least one special character be used - minComplexChars | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000570 - The Cisco router must be configured to enforce password complexity by requiring that at least one uppercase character be used. | DISA STIG Cisco IOS Router NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000570 - The Cisco switch must be configured to enforce password complexity by requiring that at least one uppercase character be used. | DISA STIG Cisco IOS XE Switch NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000580 - The Cisco router must be configured to enforce password complexity by requiring that at least one lowercase character be used. | DISA STIG Cisco IOS Router NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000590 - The Cisco router must be configured to enforce password complexity by requiring that at least one numeric character be used. | DISA STIG Cisco IOS Router NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000600 - The Cisco switch must be configured to enforce password complexity by requiring that at least one special character be used. | DISA STIG Cisco IOS XE Switch NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| ESXI-65-000031 - The ESXi host must enforce password complexity by requiring that at least one upper-case character be used. | DISA STIG VMware vSphere ESXi 6.5 v2r4 | VMware | IDENTIFICATION AND AUTHENTICATION |
| F5BI-DM-000111 - If multifactor authentication is not supported and passwords must be used, the BIG-IP appliance must enforce password complexity by requiring that at least one upper-case character be used. | DISA F5 BIG-IP Device Management STIG v2r3 | F5 | IDENTIFICATION AND AUTHENTICATION |
| F5BI-DM-000115 - If multifactor authentication is not supported and passwords must be used, the BIG-IP appliance must enforce password complexity by requiring that at least one numeric character be used. | DISA F5 BIG-IP Device Management STIG v2r3 | F5 | IDENTIFICATION AND AUTHENTICATION |
| GOOG-09-000100 - The Google Android Pie must be configured to enforce a minimum password length of six characters. | MobileIron - DISA Google Android 9.x v2r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| JUNI-ND-000580 - The Juniper router must be configured to enforce password complexity by requiring that at least one lowercase character be used. | DISA STIG Juniper Router NDM v3r1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUNI-ND-000590 - The Juniper router must be configured to enforce password complexity by requiring that at least one numeric character be used. | DISA STIG Juniper Router NDM v3r1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-014100 - The DBMS must support organizational requirements to enforce password complexity by the number of upper-case characters used. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-014200 - The DBMS must support organizational requirements to enforce password complexity by the number of lower-case characters used. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-015200 - The DBMS must enforce password maximum lifetime restrictions. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000050 - The system must require passwords to contain a minimum of 15 characters. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000056 - The system must require passwords to contain at least one numeric character - password-auth. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000057 - The system must require passwords to contain at least one uppercase alphabetic character - password-auth. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000057 - The system must require passwords to contain at least one uppercase alphabetic character - system-auth. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000058 - The system must require passwords to contain at least one special character - password-auth. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000058 - The system must require passwords to contain at least one special character - system-auth. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000059 - The system must require passwords to contain at least one lower-case alphabetic character - password-auth. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-010140 - The Red Hat Enterprise Linux operating system must be configured so that when passwords are changed or new passwords are assigned, the new password must contain at least one numeric character. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-010150 - The Red Hat Enterprise Linux operating system must be configured so that when passwords are changed or new passwords are established, the new password must contain at least one special character. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-010280 - The Red Hat Enterprise Linux operating system must be configured so that passwords are a minimum of 15 characters in length. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SOL-11.1-040010 - User passwords must be changed at least every 60 days. | DISA STIG Solaris 11 SPARC v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SOL-11.1-040030 - The operating system must enforce minimum password lifetime restrictions. | DISA STIG Solaris 11 SPARC v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SOL-11.1-040080 - The operating system must enforce password complexity requiring that at least one lowercase character is used. | DISA STIG Solaris 11 SPARC v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SOL-11.1-040090 - The system must require passwords to contain at least one numeric character. | DISA STIG Solaris 11 SPARC v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SPLK-CL-000340 - Splunk Enterprise must enforce password complexity for the account of last resort by requiring that at least one lowercase character be used. | DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API | Splunk | IDENTIFICATION AND AUTHENTICATION |
| SPLK-CL-000370 - Splunk Enterprise must enforce password complexity for the account of last resort by requiring that at least one special character be used. | DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API | Splunk | IDENTIFICATION AND AUTHENTICATION |
| SPLK-CL-000380 - Splunk Enterprise must enforce a 60-day maximum password lifetime restriction for the account of last resort. | DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API | Splunk | IDENTIFICATION AND AUTHENTICATION |
| UBTU-16-010100 - The Ubuntu operating system must enforce password complexity by requiring that at least one upper-case character be used. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-16-010130 - All passwords must contain at least one special character. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-18-010100 - The Ubuntu operating system must enforce password complexity by requiring that at least one upper-case character be used. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000160 - Oracle WebLogic must enforce minimum password length. | Oracle WebLogic Server 12c Linux v2r1 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000160 - Oracle WebLogic must enforce minimum password length. | Oracle WebLogic Server 12c Windows v2r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000162 - Oracle WebLogic must enforce password complexity by the number of upper-case characters used. | Oracle WebLogic Server 12c Linux v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000163 - Oracle WebLogic must enforce password complexity by the number of lower-case characters used. | Oracle WebLogic Server 12c Linux v2r1 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000163 - Oracle WebLogic must enforce password complexity by the number of lower-case characters used. | Oracle WebLogic Server 12c Linux v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000165 - Oracle WebLogic must enforce password complexity by the number of special characters used. | Oracle WebLogic Server 12c Linux v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WN12-00-000010 - Policy must require application account passwords be at least 15 characters in length. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
