| 3.028 - The built-in Windows password complexity policy must be enabled. | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1 Ensure password creation requirements are configured - retry | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1 Ensure password creation requirements are configured - ucredit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-001120 - AIX must enforce password complexity by requiring that at least one upper-case character be used. | DISA STIG AIX 7.x v2r9 | Unix | IDENTIFICATION AND AUTHENTICATION |
| EP11-00-004250 - If DBMS authentication, using passwords, is employed, EDB Postgres Advanced Server must enforce the DoD standards for password complexity and lifetime. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION |
| ESXI-65-000031 - The ESXi host must enforce password complexity by requiring that at least one upper-case character be used. | DISA STIG VMware vSphere ESXi 6.5 v2r4 | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXI-67-000031 - The ESXi host must enforce password complexity by requiring that at least one uppercase character be used. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXI-70-000031 - The ESXi host must be configured with a sufficiently complex password policy. | DISA STIG VMware vSphere 7.0 ESXi v1r2 | VMware | IDENTIFICATION AND AUTHENTICATION |
| F5BI-DM-000111 - If multifactor authentication is not supported and passwords must be used, the BIG-IP appliance must enforce password complexity by requiring that at least one upper-case character be used. | DISA F5 BIG-IP Device Management STIG v2r3 | F5 | IDENTIFICATION AND AUTHENTICATION |
| GEN000600-2 - Global settings defined in system-auth must be applied in the pam.d definition files - '/etc/pam.d/system-auth' | DISA STIG for Oracle Linux 5 v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN000600-2 - Global settings defined in system-auth must be applied in the pam.d definition files - 'link != /etc/pam.d/system-auth' | DISA STIG for Oracle Linux 5 v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN000600-2 - Global settings defined in system-auth must be applied in the pam.d definition files - 'link = system-auth-local' | DISA STIG for Oracle Linux 5 v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| MD3X-00-000320 - If DBMS authentication using passwords is employed, MongoDB must enforce the DoD standards for password complexity and lifetime. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-013900 - The DBMS must support organizational requirements to enforce minimum password length. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-014000 - The DBMS must support organizational requirements to prohibit password reuse for the organization-defined number of generations. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-014100 - The DBMS must support organizational requirements to enforce password complexity by the number of upper-case characters used. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-014200 - The DBMS must support organizational requirements to enforce password complexity by the number of lower-case characters used. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-014300 - The DBMS must support organizational requirements to enforce password complexity by the number of numeric characters used. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-014400 - The DBMS must support organizational requirements to enforce password complexity by the number of special characters used. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-014500 - The DBMS must support organizational requirements to enforce the number of characters that get changed when passwords are changed. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-014900 - Procedures for establishing temporary passwords that meet DoD password requirements for new accounts must be defined, documented, and implemented. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-015200 - The DBMS must enforce password maximum lifetime restrictions. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| OL6-00-000057 - The system must require passwords to contain at least one uppercase alphabetic character - password-auth | DISA STIG Oracle Linux 6 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL6-00-000057 - The system must require passwords to contain at least one uppercase alphabetic character - system-auth | DISA STIG Oracle Linux 6 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010118 - The Oracle Linux operating system must be configured so that /etc/pam.d/passwd implements /etc/pam.d/system-auth when changing passwords. | DISA Oracle Linux 7 STIG v2r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010119 - The Oracle Linux operating system must be configured so that when passwords are changed or new passwords are established, pwquality must be used. | DISA Oracle Linux 7 STIG v2r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010120 - The Oracle Linux operating system must be configured so that when passwords are changed or new passwords are established, the new password must contain at least one upper-case character. | DISA Oracle Linux 7 STIG v2r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000057 - The system must require passwords to contain at least one uppercase alphabetic character - password-auth. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000057 - The system must require passwords to contain at least one uppercase alphabetic character - system-auth. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-010118 - The Red Hat Enterprise Linux operating system must be configured so that /etc/pam.d/passwd implements /etc/pam.d/system-auth when changing passwords. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-010119 - The Red Hat Enterprise Linux operating system must be configured so that when passwords are changed or new passwords are established, pwquality must be used. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-010120 - The Red Hat Enterprise Linux operating system must be configured so that when passwords are changed or new passwords are established, the new password must contain at least one upper-case character. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-611060 - RHEL 9 must enforce password complexity rules for the root account. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-12-010150 - The SUSE operating system must enforce passwords that contain at least one upper-case character. | DISA SLES 12 STIG v2r13 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SQL2-00-038900 - If SQL Server authentication, using passwords, is employed, SQL Server must enforce the DoD standards for password complexity. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| SQL4-00-038900 - If SQL Server authentication, using passwords, is employed, SQL Server must enforce the DoD standards for password complexity. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| SRG-OS-000069-ESXI5 - The system must require that passwords contain at least one uppercase alphabetic character. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | IDENTIFICATION AND AUTHENTICATION |
| UBTU-16-010099 - The Ubuntu operating system must be configured so that when passwords are changed or new passwords are established, pwquality must be used - /etc/pam.d/common-password | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-16-010100 - The Ubuntu operating system must enforce password complexity by requiring that at least one upper-case character be used. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-18-010100 - The Ubuntu operating system must enforce password complexity by requiring that at least one upper-case character be used. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCWN-65-000040 - The vCenter Server for Windows passwords must contain at least one uppercase character. | DISA STIG VMware vSphere vCenter 6.5 v2r3 | VMware | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000162 - Oracle WebLogic must enforce password complexity by the number of upper-case characters used. | Oracle WebLogic Server 12c Linux v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000162 - Oracle WebLogic must enforce password complexity by the number of upper-case characters used. | Oracle WebLogic Server 12c Linux v2r1 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000162 - Oracle WebLogic must enforce password complexity by the number of upper-case characters used. | Oracle WebLogic Server 12c Windows v2r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN10-AC-000040 - The built-in Microsoft password complexity filter must be enabled. | DISA Windows 10 STIG v3r2 | Windows | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| WN12-AC-000008 - The built-in Windows password complexity policy must be enabled. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN12-AC-000008 - The built-in Windows password complexity policy must be enabled. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN16-AC-000080 - Windows Server 2016 must have the built-in Windows password complexity policy enabled. | DISA Windows Server 2016 STIG v2r9 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN19-AC-000080 - Windows Server 2019 must have the built-in Windows password complexity policy enabled. | DISA Windows Server 2019 STIG v3r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN22-AC-000080 - Windows Server 2022 must have the built-in Windows password complexity policy enabled. | DISA Windows Server 2022 STIG v2r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
