| AIX7-00-001126 - AIX Operating systems must enforce a 60-day maximum password lifetime restriction. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-001128 - AIX must use Loadable Password Algorithm (LPA) password hashing algorithm. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-001129 - AIX must enforce a minimum 15-character password length. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-001130 - AIX must enforce password complexity by requiring that at least one special character be used. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-14-003060 The macOS system must require passwords contain a minimum of one lowercase character and one uppercase character. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000550 - The Cisco router must be configured to enforce a minimum 15-character password length. | DISA STIG Cisco IOS Router NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000570 - The Cisco router must be configured to enforce password complexity by requiring that at least one uppercase character be used. | DISA STIG Cisco IOS Router NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000570 - The Cisco switch must be configured to enforce password complexity by requiring that at least one uppercase character be used. | DISA STIG Cisco IOS Switch NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000580 - The Cisco router must be configured to enforce password complexity by requiring that at least one lowercase character be used. | DISA STIG Cisco IOS Router NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000580 - The Cisco router must be configured to enforce password complexity by requiring that at least one lowercase character be used. | DISA STIG Cisco IOS XE Router NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000580 - The Cisco switch must be configured to enforce password complexity by requiring that at least one lowercase character be used. | DISA STIG Cisco IOS XE Switch NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000580 - The Cisco switch must be configured to enforce password complexity by requiring that at least one lowercase character be used. | DISA STIG Cisco IOS Switch NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000590 - The Cisco router must be configured to enforce password complexity by requiring that at least one numeric character be used. | DISA STIG Cisco IOS Router NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000590 - The Cisco router must be configured to enforce password complexity by requiring that at least one numeric character be used. | DISA STIG Cisco IOS XE Router NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000590 - The Cisco switch must be configured to enforce password complexity by requiring that at least one numeric character be used. | DISA STIG Cisco IOS XE Switch NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000590 - The Cisco switch must be configured to enforce password complexity by requiring that at least one numeric character be used. | DISA STIG Cisco IOS Switch NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000600 - The Cisco switch must be configured to enforce password complexity by requiring that at least one special character be used. | DISA STIG Cisco NX-OS Switch NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000610 - The Cisco router must be configured to require that when a password is changed, the characters are changed in at least eight of the positions within the password. | DISA STIG Cisco IOS Router NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000610 - The Cisco router must be configured to require that when a password is changed, the characters are changed in at least eight of the positions within the password. | DISA STIG Cisco IOS XE Router NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000610 - The Cisco switch must be configured to require that when a password is changed, the characters are changed in at least eight of the positions within the password. | DISA STIG Cisco IOS XE Switch NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| JUNI-ND-000580 - The Juniper router must be configured to enforce password complexity by requiring that at least one lowercase character be used. | DISA STIG Juniper Router NDM v3r1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUSX-DM-000130 - For local accounts using password authentication (i.e., the root account and the account of last resort), the Juniper SRX Services Gateway must enforce password complexity by requiring at least one uppercase character be used - i.e., the root account and the account of last resort, the Juniper SRX Services Gateway must enforce password complexity by requiring at least one upper-case character be used. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUSX-DM-000131 - For local accounts using password authentication (i.e., the root account and the account of last resort), the Juniper SRX Services Gateway must enforce password complexity by requiring at least one lowercase character be used - i.e., the root account and the account of last resort, the Juniper SRX Services Gateway must enforce password complexity by requiring at least one lower-case character be used. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| O121-C2-014100 - The DBMS must support organizational requirements to enforce password complexity by the number of uppercase characters used. | DISA STIG Oracle 12c v3r2 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O121-C2-014200 - The DBMS must support organizational requirements to enforce password complexity by the number of lowercase characters used. | DISA STIG Oracle 12c v3r2 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O121-C2-015200 - The DBMS must enforce password maximum lifetime restrictions. | DISA STIG Oracle 12c v3r2 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010118 - The Oracle Linux operating system must be configured so that /etc/pam.d/passwd implements /etc/pam.d/system-auth when changing passwords. | DISA Oracle Linux 7 STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010160 - The Oracle Linux operating system must be configured so that when passwords are changed a minimum of eight of the total number of characters must be changed. | DISA Oracle Linux 7 STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010230 - The Oracle Linux operating system must be configured so that passwords for new users are restricted to a 24 hours/1 day minimum lifetime. | DISA Oracle Linux 7 STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010260 - The Oracle Linux operating system must be configured so that existing passwords are restricted to a 60-day maximum lifetime. | DISA Oracle Linux 7 STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PANW-NM-000053 - If multifactor authentication is not available and passwords must be used, the Palo Alto Networks security platform must enforce a minimum 15-character password length. | DISA STIG Palo Alto NDM v3r2 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| PANW-NM-000055 - If multifactor authentication is not available and passwords must be used, the Palo Alto Networks security platform must enforce password complexity by requiring that at least one uppercase character be used. | DISA STIG Palo Alto NDM v3r2 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| PANW-NM-000057 - If multifactor authentication is not available and passwords must be used, the Palo Alto Networks security platform must enforce password complexity by requiring that at least one numeric character be used. | DISA STIG Palo Alto NDM v3r2 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| PANW-NM-000059 - If multifactor authentication is not available and passwords must be used, the Palo Alto Networks security platform must require that when a password is changed, the characters are changed in at least 8 of the positions within the password. | DISA STIG Palo Alto NDM v3r2 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| SLES-12-010160 - The SUSE operating system must enforce passwords that contain at least one lower-case character. | DISA SLES 12 STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-12-010170 - The SUSE operating system must enforce passwords that contain at least one numeric character. | DISA SLES 12 STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-12-010190 - The SUSE operating system must require the change of at least eight (8) of the total number of characters when passwords are changed. | DISA SLES 12 STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-12-010250 - The SUSE operating system must employ passwords with a minimum of 15 characters. | DISA SLES 12 STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-12-010260 - The SUSE operating system must be configured to create or update passwords with a minimum lifetime of 24 hours (one day). | DISA SLES 12 STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SOL-11.1-040010 - User passwords must be changed at least every 60 days. | DISA STIG Solaris 11 X86 v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SOL-11.1-040040 - User passwords must be at least 15 characters in length. | DISA STIG Solaris 11 SPARC v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SOL-11.1-040060 - The system must require at least eight characters be changed between the old and new passwords during a password change. | DISA STIG Solaris 11 X86 v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SOL-11.1-040090 - The system must require passwords to contain at least one numeric character. | DISA STIG Solaris 11 X86 v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SOL-11.1-040100 - The system must require passwords to contain at least one special character. | DISA STIG Solaris 11 X86 v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SPLK-CL-000330 - Splunk Enterprise must enforce password complexity for the account of last resort by requiring that at least one uppercase character be used. | DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API | Splunk | IDENTIFICATION AND AUTHENTICATION |
| SPLK-CL-000350 - Splunk Enterprise must enforce password complexity for the account of last resort by requiring that at least one numeric character be used. | DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API | Splunk | IDENTIFICATION AND AUTHENTICATION |
| SPLK-CL-000360 - Splunk Enterprise must enforce a minimum 15-character password length for the account of last resort. | DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API | Splunk | IDENTIFICATION AND AUTHENTICATION |
| SQL6-D0-007900 - If DBMS authentication using passwords is employed, SQL Server must enforce the DOD standards for password complexity and lifetime. | DISA STIG SQL Server 2016 Instance DB Audit v3r2 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| WN10-AC-000035 - Passwords must, at a minimum, be 14 characters. | DISA Windows 10 STIG v3r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN19-AC-000050 - Windows Server 2019 maximum password age must be configured to 60 days or less. | DISA Microsoft Windows Server 2019 STIG v3r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
