800-53|IA-5(1)(f)

Title

PASSWORD-BASED AUTHENTICATION

Description

Allows the use of a temporary password for system logons with an immediate change to a permanent password.

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Category: IDENTIFICATION AND AUTHENTICATION

Family: IDENTIFICATION AND AUTHENTICATION

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.10 Ensure Force users to change password at first login after password was changed from Users page is selected	CheckPoint	CIS Check Point Firewall L1 v1.1.0
2.4 Password Security - 'security.passwd.firstlogin.enable = on'	NetApp	TNS NetApp Data ONTAP 7G
AIX7-00-001131 - AIX must implement a way to force an identified temporary user to renew their password at next login.	Unix	DISA STIG AIX 7.x v2r9
APPL-14-003007 - The macOS system must require passwords contain a minimum of one numeric character.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-14-003010 - The macOS system must require a minimum password length of 14 characters.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-14-003011 - The macOS system must require passwords contain a minimum of one special character.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-14-003060 - The macOS system must require passwords contain a minimum of one lowercase character and one uppercase character.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r1
Big Sur - Force Password Change at Next Logon	Unix	NIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Force Password Change at Next Logon	Unix	NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Force Password Change at Next Logon	Unix	NIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Force Password Change at Next Logon	Unix	NIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Force Password Change at Next Logon	Unix	NIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Force Password Change at Next Logon	Unix	NIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Force Password Change at Next Logon	Unix	NIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Force Password Change at Next Logon	Unix	NIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Force Password Change at Next Logon	Unix	NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Catalina - Force Password Change at Next Logon	Unix	NIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Force Password Change at Next Logon	Unix	NIST macOS Catalina v1.5.0 - All Profiles
Catalina - Force Password Change at Next Logon	Unix	NIST macOS Catalina v1.5.0 - 800-171
Catalina - Force Password Change at Next Logon	Unix	NIST macOS Catalina v1.5.0 - 800-53r4 Low
Catalina - Force Password Change at Next Logon	Unix	NIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Force Password Change at Next Logon	Unix	NIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Force Password Change at Next Logon	Unix	NIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Force Password Change at Next Logon	Unix	NIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Force Password Change at Next Logon	Unix	NIST macOS Catalina v1.5.0 - 800-53r5 Low
DKER-EE-001100 - LDAP integration in Docker Enterprise must be configured.	Unix	DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2
F5BI-DM-000229 - The BIG-IP appliance must be configured to allow the use of a temporary password for system logons with an immediate change to a permanent password.	F5	DISA F5 BIG-IP Device Management STIG v2r3
FGFW-ND-000250 - The FortiGate device must not have any default manufacturer passwords when deployed.	FortiGate	DISA Fortigate Firewall NDM STIG v1r4
Monterey - Force Password Change at Next Logon	Unix	NIST macOS Monterey v1.0.0 - 800-171
Monterey - Force Password Change at Next Logon	Unix	NIST macOS Monterey v1.0.0 - 800-53r4 High
Monterey - Force Password Change at Next Logon	Unix	NIST macOS Monterey v1.0.0 - 800-53r5 High
Monterey - Force Password Change at Next Logon	Unix	NIST macOS Monterey v1.0.0 - 800-53r5 Moderate
Monterey - Force Password Change at Next Logon	Unix	NIST macOS Monterey v1.0.0 - All Profiles
Monterey - Force Password Change at Next Logon	Unix	NIST macOS Monterey v1.0.0 - CNSSI 1253
Monterey - Force Password Change at Next Logon	Unix	NIST macOS Monterey v1.0.0 - 800-53r4 Low
Monterey - Force Password Change at Next Logon	Unix	NIST macOS Monterey v1.0.0 - 800-53r4 Moderate
Monterey - Force Password Change at Next Logon	Unix	NIST macOS Monterey v1.0.0 - 800-53r5 Low
SYMP-NM-000270 - Symantec ProxySG must not have a default manufacturer passwords when deployed.	BlueCoat	DISA Symantec ProxySG Benchmark NDM v1r2
UBTU-16-010680 - User accounts with temporary passwords, must require an immediate change to a permanent password after login.	Unix	DISA STIG Ubuntu 16.04 LTS v2r3
UBTU-18-010112 - The Ubuntu operating system must allow the use of a temporary password for system logons with an immediate change to a permanent password.	Unix	DISA STIG Ubuntu 18.04 LTS v2r15

Detections

Analytics

800-53|IA-5(1)(f)

Title

Description

Reference Item Details

Audit Items