| 1.1 Ensure Minimum Password Length is set to 14 or higher | CIS Check Point Firewall L1 v1.1.0 | CheckPoint | IDENTIFICATION AND AUTHENTICATION |
| 1.1.3 - AirWatch - Disallow Simple Passcode | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 1.1.3 - MobileIron - Enable 'Require alphanumeric value' | MobileIron - CIS Google Android 4 v1.0.0 L1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 1.1.4 - /etc/security/user - 'minlen = 8' | CIS AIX 5.3/6.1 L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.2 Ensure Disallow Palindromes is selected | CIS Check Point Firewall L1 v1.1.0 | CheckPoint | IDENTIFICATION AND AUTHENTICATION |
| 1.2 Password Security Policy - b) The password must include either three of 'number', 'capital', 'lowercase', 'special-character' or set the 'character-set-num' value to 3-4 | Tenable ZTE ROSNG | ZTE_ROSNG | IDENTIFICATION AND AUTHENTICATION |
| 1.2 Password Security Policy - c) Configure 'strong-password dictionary' and 'same-consecutive' to avoid weak password - same-consecutive | Tenable ZTE ROSNG | ZTE_ROSNG | IDENTIFICATION AND AUTHENTICATION |
| 1.2 Password Security Policy - c) Configure 'strong-password dictionary' and 'same-consecutive' to avoid weak password - strong-password dictionary | Tenable ZTE ROSNG | ZTE_ROSNG | IDENTIFICATION AND AUTHENTICATION |
| 2.1.4 - AirWatch - Set the 'minimum number of character sets' - 'Lower Case' | AirWatch - CIS Google Android 4 v1.0.0 L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 2.1.4 - MobileIron - Set the 'minimum number of character sets' | MobileIron - CIS Google Android 4 v1.0.0 L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 2.2.3 - AirWatch - Require alphanumeric value | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 2.2.4 - AirWatch - Set minimum passcode length | AirWatch - CIS Apple iOS 9 v1.0.0 L1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 2.2.5 - AirWatch - Set Minimum number of complex characters | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 2.2.5 - MobileIron - Set Minimum number of complex characters | MobileIron - CIS Apple iOS 8 v1.0.0 L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 2.6 Set 'Allow simple passwords' to 'False' | CIS Microsoft Exchange Server 2013 CAS v1.1.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.18 Set 'Require alphanumeric password' to 'True' | CIS Microsoft Exchange Server 2013 CAS v1.1.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.18 Set 'Require alphanumeric password' to 'True' | CIS Microsoft Exchange Server 2016 CAS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 3.1.3 - MobileIron - Set the 'minimum password length' | MobileIron - CIS Apple iOS 8 v1.0.0 L1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 3.1.4 - AirWatch - Set the 'minimum number of character sets' | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 3.1.4 - AirWatch - Set the 'minimum number of character sets' | AirWatch - CIS Apple iOS 9 v1.0.0 L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 4.2 Establish a password policy for password complexity | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | IDENTIFICATION AND AUTHENTICATION |
| 5.2.3 Complex passwords must contain an Alphabetic Character | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.3 Complex passwords must contain an Alphabetic Character - '1 letter' | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.5 Complex passwords must contain a Special Character | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.5 Complex passwords must contain a Symbolic Character | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.1 Ensure password creation requirements are configured - dcredit | CIS SUSE Linux Enterprise Server 12 L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.5 Ensure minimum and maximum requirements are set for password changes - maxclassrepeat | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.5 Ensure minimum and maximum requirements are set for password changes - maxrepeat | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.2 Set Strong Password Creation Policies - PASSLENGTH = 8 | CIS Solaris 11.2 L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.2 Set Strong Password Creation Policies - MINUPPER = 1 | CIS Solaris 11.1 L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 9.2.1 Set Password Creation Requirement Parameters Using pam_cracklib - dcredit | CIS Debian Linux 7 L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 9.2.1 Set Password Creation Requirement Parameters Using pam_cracklib - lcredit | CIS Debian Linux 7 L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 9.2.1 Set Password Creation Requirement Parameters Using pam_cracklib - minlen | CIS Debian Linux 7 L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Brocade - minimum number of lowercase characters set to 1 | Tenable Best Practices Brocade FabricOS | Brocade | IDENTIFICATION AND AUTHENTICATION |
| Brocade - minimum number of punctuation characters set to 1 | Tenable Best Practices Brocade FabricOS | Brocade | IDENTIFICATION AND AUTHENTICATION |
| Configuring a secure password policy for the BIG-IP system - Required Uppercase Characters | Tenable F5 BIG-IP Best Practice Audit | F5 | IDENTIFICATION AND AUTHENTICATION |
| Ensure 'Password Policy' is enabled - minimum-length | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | IDENTIFICATION AND AUTHENTICATION |
| Ensure all users last password change date is in the past | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
| IBM i : Maximum Length of Passwords (QPWDMAXLEN) - '>=8' | IBM System i Security Reference for V7R3 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
| IBM i : Password Level (QPWDLVL) - '>=0' | IBM System i Security Reference for V7R3 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
| IBM i : Password Rules (QPWDRULES) - '*PWDSYSVAL' | IBM System i Security Reference for V7R3 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
| IBM i : Restriction of Consecutive Digits for Passwords (QPWDLMTAJC) - '0' | IBM System i Security Reference for V7R2 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
| Local password complexity - password composition lowercase | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | IDENTIFICATION AND AUTHENTICATION |
| Minimum password length | ArubaOS CX 10.x Hardening Guide v1.0.0 | ArubaOS | IDENTIFICATION AND AUTHENTICATION |
| Password must meet complexity requirement | MSCT Windows Server 2016 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Password must meet complexity requirements | MSCT Windows 10 v2004 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Password must meet complexity requirements | MSCT Windows 10 v21H2 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Password must meet complexity requirements | MSCT Windows Server 1903 MS v1.19.9 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Password must meet complexity requirements | MSCT Windows Server v2004 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| User Authentication Security - Configure a password complexity policy - Upper case characters | Juniper Hardening JunOS 12 Devices Checklist | Juniper | IDENTIFICATION AND AUTHENTICATION |
