800-53|IA-5f.

Title

AUTHENTICATOR MANAGEMENT

Description

Establishing minimum and maximum lifetime restrictions and reuse conditions for authenticators;

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Category: IDENTIFICATION AND AUTHENTICATION

Family: IDENTIFICATION AND AUTHENTICATION

Baseline Impact: LOW,MODERATE,HIGH

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.7 Ensure User-Managed/External Keys for Service Accounts Are Rotated Every 90 Days or Fewer	GCP	CIS Google Cloud Platform v3.0.0 L1
5.2.8 Password History	Unix	CIS Apple macOS 10.12 L1 v1.2.0
5.2.8 Password History	Unix	CIS Apple macOS 10.13 L1 v1.1.0
5.4.1.5 Ensure all users last password change date is in the past	Unix	CIS Amazon Linux v2.1.0 L1
5.4.1.5 Ensure all users last password change date is in the past	Unix	CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
5.4.1.5 Ensure all users last password change date is in the past	Unix	CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
5.4.1.5 Ensure all users last password change date is in the past	Unix	CIS Ubuntu Linux 18.04 LTS Server L1 v2.0.1
5.4.1.5 Ensure all users last password change date is in the past	Unix	CIS Red Hat EL7 Server L1 v3.0.1
5.4.1.5 Ensure all users last password change date is in the past	Unix	CIS Ubuntu Linux 18.04 LTS Workstation L1 v2.0.1
5.4.1.5 Ensure all users last password change date is in the past	Unix	CIS SUSE Linux Enterprise Server 12 L1 v2.1.0
5.5.1.5 Ensure all users last password change date is in the past	Unix	CIS Red Hat EL8 Workstation L1 v1.0.0
5.5.1.5 Ensure all users last password change date is in the past	Unix	CIS Red Hat EL8 Server L1 v1.0.0
GEN000700 - User passwords must be changed at least every 60 days.	Unix	DISA STIG AIX 5.3 v1r2
GEN000700 - User passwords must be changed at least every 60 days.	Unix	DISA STIG for Oracle Linux 5 v2r1
GEN000700 - User passwords must be changed at least every 60 days.	Unix	DISA STIG AIX 6.1 v1r14
GEN000700 - User passwords must be changed at least every 60 days.	Unix	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
Keychain Policy - Key Policy - Endtime	Cisco_ACI	Tenable Cisco ACI