| 4.019 - Outdated or unused accounts must be removed from the system. | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 5.5.1.9 Ensure inactive password lock is 0 days - individuals, groups, roles, and devices if the password expires. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Disable Accounts after 35 Days of Inactivity | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Disable Accounts after 35 Days of Inactivity | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Disable Accounts after 35 Days of Inactivity | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Disable Accounts after 35 Days of Inactivity | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Disable Accounts after 35 Days of Inactivity | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Disable Accounts after 35 Days of Inactivity | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Disable Accounts after 35 Days of Inactivity | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Disable Accounts after 35 Days of Inactivity | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Accounts after 35 Days of Inactivity | NIST macOS Catalina v1.5.0 - 800-171 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Accounts after 35 Days of Inactivity | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Accounts after 35 Days of Inactivity | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Accounts after 35 Days of Inactivity | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Accounts after 35 Days of Inactivity | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Accounts after 35 Days of Inactivity | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Accounts after 35 Days of Inactivity | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Accounts after 35 Days of Inactivity | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| GEN000760 - Accounts must be locked upon 35 days of inactivity. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| GEN006660 - Accounts must be locked upon 35 days of inactivity. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| JBOS-AS-000290 - JBoss management Interfaces must be integrated with a centralized authentication mechanism that is configured to manage accounts according to DoD policy. | DISA RedHat JBoss EAP 6.3 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Disable Accounts after 35 Days of Inactivity | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Disable Accounts after 35 Days of Inactivity | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Disable Accounts after 35 Days of Inactivity | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Disable Accounts after 35 Days of Inactivity | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Disable Accounts after 35 Days of Inactivity | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Disable Accounts after 35 Days of Inactivity | NIST macOS Monterey v1.0.0 - 800-171 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Disable Accounts after 35 Days of Inactivity | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Disable Accounts after 35 Days of Inactivity | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| OL6-00-000335 - The operating system must manage information system identifiers for users and devices by disabling the user identifier after an organization defined time period of inactivity. | DISA STIG Oracle Linux 6 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010310 - The Oracle Linux operating system must disable account identifiers (individuals, groups, roles, and devices) if the password expires - individuals, groups, roles, and devices if the password expires. | DISA Oracle Linux 7 STIG v2r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PHTN-30-000035 - The Photon operating system must disable new accounts immediately upon password expiration. | DISA STIG VMware vSphere 7.0 Photon OS v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PHTN-67-000036 - The Photon operating system must disable new accounts immediately upon password expiration. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000335 - The operating system must manage information system identifiers for users and devices by disabling the user identifier after an organization defined time period of inactivity. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-010310 - The Red Hat Enterprise Linux operating system must disable account identifiers (individuals, groups, roles, and devices) if the password expires. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-020260 - RHEL 8 account identifiers (individuals, groups, roles, and devices) must be disabled after 35 days of inactivity. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-411050 - RHEL 9 must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-12-010340 - The SUSE operating system must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity after password expiration. | DISA SLES 12 STIG v2r13 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-16-010280 - Account identifiers (individuals, groups, roles, and devices) must disabled after 35 days of inactivity. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-18-010445 - The Ubuntu operating system must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-20-010409 - The Ubuntu operating system must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-22-411035 - Ubuntu 22.04 LTS must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCSA-70-000059 - The vCenter Server must uniquely identify and authenticate users or processes acting on behalf of users. | DISA STIG VMware vSphere 7.0 vCenter v1r3 | VMware | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| WN10-00-000065 - Unused accounts must be disabled or removed from the system after 35 days of inactivity. | DISA Windows 10 STIG v3r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN11-00-000065 - Unused accounts must be disabled or removed from the system after 35 days of inactivity. | DISA Windows 11 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| WN12-GE-000014 - Outdated or unused accounts must be removed from the system or disabled. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN12-GE-000014 - Outdated or unused accounts must be removed from the system or disabled. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN16-00-000210 - Outdated or unused accounts must be removed from the system or disabled. | DISA Windows Server 2016 STIG v2r9 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN19-00-000190 - Windows Server 2019 outdated or unused accounts must be removed or disabled. | DISA Windows Server 2019 STIG v3r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN22-00-000190 - Windows Server 2022 outdated or unused accounts must be removed or disabled. | DISA Windows Server 2022 STIG v2r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
