| 1.1 - Strong Password policy should be implemented - Minimum Lowercase Characters | TNS Oracle WebLogic Server 10 Linux Best Practices | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.1 - Strong Password policy should be implemented - Minimum Uppercase Characters | TNS Oracle WebLogic Server 10 Windows Best Practices | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.2 - Strong Password policy should be implemented - Minimum Numeric or Special Characters | TNS Oracle WebLogic Server 11 Linux Best Practices | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.240 - Passwords must be restricted to a 24 hours/1 day minimum lifetime. | Tenable Fedora Linux Best Practices v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.260 - Existing passwords must be restricted to a 60-day maximum lifetime. | Tenable Fedora Linux Best Practices v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.280 - Passwords must be a minimum of 15 characters in length. | Tenable Fedora Linux Best Practices v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.3.6.5 (L1) Ensure 'Domain member: Maximum machine account password age' is set to '30 or fewer days, but not 0' | CIS Microsoft Windows Server 2016 v3.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.4 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.4 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.6 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.7 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows Server 2016 STIG v2.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.7 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.6 Ensure Password Complexity is Configured - validate_password_dictionary_file | CIS MySQL 5.6 Community Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.6 Ensure Password Complexity is Configured - validate_password_dictionary_file | CIS MySQL 5.6 Enterprise Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.6 Ensure Password Complexity is Configured - validate_password_mixed_case_count | CIS MySQL 5.6 Enterprise Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.7 Ensure Password Complexity is Configured - validate_password_dictionary_file | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.7 Ensure Password Complexity is Configured - validate_password_mixed_case_count | CIS MySQL 5.7 Community Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.7 Ensure Password Complexity is Configured - validate_password_policy | CIS MySQL 5.7 Community Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.7 Ensure Password Complexity is Configured - validate_password_policy | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.7 Ensure Password Complexity is Configured - validate_password_special_char_count | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 5.2.2 Set a minimum password length | CIS Apple macOS 10.12 L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.1.1 Ensure latest version of pam is installed | CIS Ubuntu Linux 22.04 LTS v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.1.2 Ensure libpam-modules is installed | CIS Ubuntu Linux 22.04 LTS v2.0.0 L1 Workstation | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.1.2 Ensure libpam-modules is installed | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.1.3 Ensure libpam-pwquality is installed | CIS Ubuntu Linux 22.04 LTS v2.0.0 L1 Workstation | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.3 Ensure password reuse is limited | CIS SUSE Linux Enterprise Workstation 12 L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.3 Ensure password reuse is limited | CIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1.1 Ensure password expiration is 365 days or less - login.defs | CIS SUSE Linux Enterprise Workstation 12 L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1.2 Ensure minimum days between password changes is 7 or more - users | CIS SUSE Linux Enterprise Workstation 12 L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.1 Setup Client-cert Authentication | CIS Apache Tomcat 7 L2 v1.1.0 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.2.2 Ensure /etc/shadow password fields are not empty | CIS Oracle Linux 7 Server L1 v3.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.3.5 Limit Password Reuse 'password sufficient pam_unix.o <existing options> remember=5' | CIS Red Hat Enterprise Linux 5 L1 v2.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.1.2 Set Password Change Minimum Number of Days '7+' | CIS Red Hat Enterprise Linux 5 L1 v2.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 18.9.16.1 (L1) Ensure 'Do not display the password reveal button' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.16.1 Ensure 'Do not display the password reveal button' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.16.1 Ensure 'Do not display the password reveal button' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.10.14.1 (L1) Ensure 'Do not display the password reveal button' is set to 'Enabled' | CIS Microsoft Windows Server 2019 v3.0.1 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| Accounts: Limit local account use of blank passwords to console logon only | MSCT Windows 10 v21H1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Brocade : 'minimum length of the password must be set to 9' | TNS Brocade FabricOS Best Practices | Brocade | IDENTIFICATION AND AUTHENTICATION |
| Brocade : 'sequential characters must be set to 2' | TNS Brocade FabricOS Best Practices | Brocade | IDENTIFICATION AND AUTHENTICATION |
| Fortigate - Password Complexity - 1 non-alphanum character | TNS Fortigate FortiOS Best Practices | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| Fortigate - Password Complexity - at least 1 char | TNS Fortigate FortiOS Best Practices | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| Password Controls - 'history-checking = true' | TNS Check Point GAiA Best Practices | CheckPoint | IDENTIFICATION AND AUTHENTICATION |
| Password must meet complexity requirement | MSCT Windows 10 v1511 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Password must meet complexity requirements | MSCT Windows 10 v1703 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Password must meet complexity requirements | MSCT Windows 10 v1709 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| PCI 2.2.3/2.2.3.b/2.2.3.c/8.5.11 Verify common security parameter settings - Password Must Meet Complexity Requirements | PCI v2.0/v3.0 Windows Best Practices | Windows | IDENTIFICATION AND AUTHENTICATION |
| PCI 8.2.3 - Password parameters require both numeric and alphabetic characters - /etc/security/user - 'minother >= 2' | PCI DSS 2.0/3.0 - AIX | Unix | IDENTIFICATION AND AUTHENTICATION |
| PCI 8.2.4 Use passwords containing both numeric and alphabetic characters - 'MINLOWER >= 1' | PCI DSS 2.0/3.0 - Solaris 10 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PCI 8.2.4 Use passwords containing both numeric and alphabetic characters - 'MINUPPER >= 1' | PCI DSS 2.0/3.0 - Solaris 10 | Unix | IDENTIFICATION AND AUTHENTICATION |
