| AIX7-00-001120 - AIX must enforce password complexity by requiring that at least one upper-case character be used. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-001121 - AIX must enforce password complexity by requiring that at least one lower-case character be used. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-001122 - AIX must enforce password complexity by requiring that at least one numeric character be used. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-001123 - AIX must require the change of at least 50% of the total number of characters when passwords are changed. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-001125 - AIX Operating systems must enforce 24 hours/1 day as the minimum password lifetime. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000550 - The Cisco router must be configured to enforce a minimum 15-character password length. | DISA STIG Cisco IOS XE Router NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000550 - The Cisco switch must be configured to enforce a minimum 15-character password length. | DISA STIG Cisco IOS Switch NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000570 - The Cisco router must be configured to enforce password complexity by requiring that at least one uppercase character be used. | DISA STIG Cisco IOS XE Router NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000570 - The Cisco switch must be configured to enforce password complexity by requiring that at least one uppercase character be used. | DISA STIG Cisco NX-OS Switch NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000580 - The Cisco switch must be configured to enforce password complexity by requiring that at least one lower-case character be used. | DISA STIG Cisco NX-OS Switch NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000590 - The Cisco switch must be configured to enforce password complexity by requiring that at least one numeric character be used. | DISA STIG Cisco NX-OS Switch NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000600 - The Cisco router must be configured to enforce password complexity by requiring that at least one special character be used. | DISA STIG Cisco IOS XE Router NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000600 - The Cisco switch must be configured to enforce password complexity by requiring that at least one special character be used. | DISA STIG Cisco IOS Switch NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000610 - The Cisco switch must be configured to require that when a password is changed, the characters are changed in at least eight of the positions within the password. | DISA STIG Cisco IOS Switch NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| JUSX-DM-000128 - For local accounts using password authentication (i.e., the root account and the account of last resort), the Juniper SRX Services Gateway must enforce a minimum 15-character password length. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUSX-DM-000129 - For local accounts using password authentication (i.e., the root account and the account of last resort), the Juniper SRX Services Gateway must enforce password complexity by setting the password change type to character sets. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUSX-DM-000132 - For local accounts using password authentication (i.e., the root account and the account of last resort), the Juniper SRX Services Gateway must enforce password complexity by requiring at least one numeric character be used. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUSX-DM-000133 - For local accounts using password authentication (i.e., the root account and the account of last resort), the Juniper SRX Services Gateway must enforce password complexity by requiring at least one special character be used. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| O121-C2-013900 - The DBMS must support organizational requirements to enforce minimum password length. | DISA STIG Oracle 12c v3r2 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O121-C2-014300 - The DBMS must support organizational requirements to enforce password complexity by the number of numeric characters used. | DISA STIG Oracle 12c v3r2 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O121-C2-014400 - The DBMS must support organizational requirements to enforce password complexity by the number of special characters used. | DISA STIG Oracle 12c v3r2 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O121-C2-014500 - The DBMS must support organizational requirements to enforce the number of characters that get changed when passwords are changed. | DISA STIG Oracle 12c v3r2 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O121-C2-014900 - Procedures for establishing temporary passwords that meet DOD password requirements for new accounts must be defined, documented, and implemented. | DISA STIG Oracle 12c v3r2 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010119 - The Oracle Linux operating system must be configured so that when passwords are changed or new passwords are established, pwquality must be used. | DISA Oracle Linux 7 STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010120 - The Oracle Linux operating system must be configured so that when passwords are changed or new passwords are established, the new password must contain at least one upper-case character. | DISA Oracle Linux 7 STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010130 - The Oracle Linux operating system must be configured so that when passwords are changed or new passwords are established, the new password must contain at least one lower-case character. | DISA Oracle Linux 7 STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010140 - The Oracle Linux operating system must be configured so that when passwords are changed or new passwords are assigned, the new password must contain at least one numeric character. | DISA Oracle Linux 7 STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010150 - The Oracle Linux operating system must be configured so that when passwords are changed or new passwords are established, the new password must contain at least one special character. | DISA Oracle Linux 7 STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010170 - The Oracle Linux operating system must be configured so that when passwords are changed a minimum of four character classes must be changed. | DISA Oracle Linux 7 STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010180 - The Oracle Linux operating system must be configured so that when passwords are changed the number of repeating consecutive characters must not be more than three characters. | DISA Oracle Linux 7 STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010190 - The Oracle Linux operating system must be configured so that when passwords are changed the number of repeating characters of the same character class must not be more than four characters. | DISA Oracle Linux 7 STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010240 - The Oracle Linux operating system must be configured so that passwords are restricted to a 24 hours/1 day minimum lifetime. | DISA Oracle Linux 7 STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010250 - The Oracle Linux operating system must be configured so that passwords for new users are restricted to a 60-day maximum lifetime. | DISA Oracle Linux 7 STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010280 - The Oracle Linux operating system must be configured so that passwords are a minimum of 15 characters in length. | DISA Oracle Linux 7 STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PANW-NM-000056 - If multifactor authentication is not available and passwords must be used, the Palo Alto Networks security platform must enforce password complexity by requiring that at least one lowercase character be used. | DISA STIG Palo Alto NDM v3r2 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| PANW-NM-000058 - If multifactor authentication is not available and passwords must be used, the Palo Alto Networks security platform must enforce password complexity by requiring that at least one special character be used. | DISA STIG Palo Alto NDM v3r2 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| SLES-12-010150 - The SUSE operating system must enforce passwords that contain at least one upper-case character. | DISA SLES 12 STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-12-010180 - The SUSE operating system must enforce passwords that contain at least one special character. | DISA SLES 12 STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-12-010270 - The SUSE operating system must employ user passwords with a minimum lifetime of 24 hours (one day). | DISA SLES 12 STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-12-010280 - The SUSE operating system must be configured to create or update passwords with a maximum lifetime of 60 days. | DISA SLES 12 STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-12-010290 - The SUSE operating system must employ user passwords with a maximum lifetime of 60 days. | DISA SLES 12 STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SQL6-D0-008000 - Contained databases must use Windows principals. | DISA STIG SQL Server 2016 Instance DB Audit v3r2 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| WN10-00-000090 - Accounts must be configured to require password expiration. | DISA Windows 10 STIG v3r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN10-AC-000025 - The maximum password age must be configured to 60 days or less. | DISA Windows 10 STIG v3r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN10-AC-000030 - The minimum password age must be configured to at least 1 day. | DISA Windows 10 STIG v3r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN19-00-000020 - Windows Server 2019 passwords for the built-in Administrator account must be changed at least every 60 days. | DISA Microsoft Windows Server 2019 STIG v3r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN19-00-000050 - Windows Server 2019 manually managed application account passwords must be at least 14 characters in length. | DISA Microsoft Windows Server 2019 STIG v3r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN19-00-000210 - Windows Server 2019 passwords must be configured to expire. | DISA Microsoft Windows Server 2019 STIG v3r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN19-AC-000060 - Windows Server 2019 minimum password age must be configured to at least one day. | DISA Microsoft Windows Server 2019 STIG v3r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN19-AC-000070 - Windows Server 2019 minimum password length must be configured to 14 characters. | DISA Microsoft Windows Server 2019 STIG v3r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
