Detections
Analytics

CCI|CCI-000206

Title

The information system obscures feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.

Description

The feedback from the information system does not provide information that would allow an unauthorized user to compromise the authentication mechanism. Displaying asterisks when a user types in a password is an example of obscuring feedback of authentication information.

Reference Item Details

Category: 2009

Audit Items

View all Reference Audit Items

NamePluginAudit Name
APPL-14-003012 - The macOS system must disable password hints.UnixDISA Apple macOS 14 (Sonoma) STIG v1r2
APPL-14-003014 - The macOS system must remove password hints from user accounts.UnixDISA Apple macOS 14 (Sonoma) STIG v1r2
Big Sur - Obscure PasswordsUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Obscure PasswordsUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Obscure PasswordsUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Obscure PasswordsUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Obscure PasswordsUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Obscure PasswordsUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Obscure PasswordsUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Obscure PasswordsUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Obscure PasswordsUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Catalina - Obscure PasswordsUnixNIST macOS Catalina v1.5.0 - 800-53r4 Low
Catalina - Obscure PasswordsUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Obscure PasswordsUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Obscure PasswordsUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Obscure PasswordsUnixNIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Obscure PasswordsUnixNIST macOS Catalina v1.5.0 - 800-171
Catalina - Obscure PasswordsUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Obscure PasswordsUnixNIST macOS Catalina v1.5.0 - 800-53r5 Low
Catalina - Obscure PasswordsUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
DB2X-00-004510 - Applications using the database must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.IBM_DB2DBDISA STIG IBM DB2 v10.5 LUW v2r1 Database
DB2X-00-004510 - Applications using the database must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.IBM_DB2DBDISA STIG IBM DB2 v10.5 LUW v1r4 Database
DB2X-00-004520 - When using command-line tools such as db2, users must use a Connect method that does not expose the password.IBM_DB2DBDISA STIG IBM DB2 v10.5 LUW v2r1 Database
DB2X-00-004520 - When using command-line tools such as db2, users must use a Connect method that does not expose the password.IBM_DB2DBDISA STIG IBM DB2 v10.5 LUW v1r4 Database
EP11-00-004810 - Applications must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.PostgreSQLDBEDB PostgreSQL Advanced Server v11 DB Audit v2r3
EP11-00-004810 - Applications must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.PostgreSQLDBEDB PostgreSQL Advanced Server v11 DB Audit v2r2
EP11-00-004820 - When using command-line tools such as psql, users must use a logon method that does not expose the password.PostgreSQLDBEDB PostgreSQL Advanced Server v11 DB Audit v2r3
EP11-00-004820 - When using command-line tools such as psql, users must use a logon method that does not expose the password.PostgreSQLDBEDB PostgreSQL Advanced Server v11 DB Audit v2r2
EPAS-00-004800 - When using command-line tools such as psql, users must use a logon method that does not expose the password.PostgreSQLDBEnterpriseDB PostgreSQL Advanced Server DB v1r1
EPAS-00-004810 - Applications must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.PostgreSQLDBEnterpriseDB PostgreSQL Advanced Server DB v1r1
F5BI-DM-000133 - The BIG-IP appliance must be configured to obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.F5DISA F5 BIG-IP Device Management 11.x STIG v1r7
F5BI-DM-000133 - The BIG-IP appliance must be configured to obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.F5DISA F5 BIG-IP Device Management 11.x STIG v2r1
F5BI-DM-000133 - The BIG-IP appliance must be configured to obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.F5DISA F5 BIG-IP Device Management 11.x STIG v2r2
F5BI-DM-000133 - The BIG-IP appliance must be configured to obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.F5DISA F5 BIG-IP Device Management STIG v2r3
MADB-10-004300 - MariaDB must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.MySQLDBDISA MariaDB Enterprise 10.x v1r2 DB
MADB-10-004300 - MariaDB must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.MySQLDBDISA MariaDB Enterprise 10.x v1r3 DB
MD3X-00-000800 - MongoDB must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.UnixDISA STIG MongoDB Enterprise Advanced 3.x v2r1 OS
MD3X-00-000800 - MongoDB must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.UnixDISA STIG MongoDB Enterprise Advanced 3.x v2r2 OS
MD3X-00-000800 - MongoDB must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.UnixDISA STIG MongoDB Enterprise Advanced 3.x v1r1
MD3X-00-000800 - MongoDB must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.UnixDISA STIG MongoDB Enterprise Advanced 3.x v1r2
MD4X-00-003300 - MongoDB must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.UnixDISA STIG MongoDB Enterprise Advanced 4.x v1r2 OS
MD4X-00-003300 - MongoDB must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.UnixDISA STIG MongoDB Enterprise Advanced 4.x v1r3 OS
MD4X-00-003300 - MongoDB must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.UnixDISA STIG MongoDB Enterprise Advanced 4.x v1r1 OS
Monterey - Obscure PasswordsUnixNIST macOS Monterey v1.0.0 - 800-53r5 High
Monterey - Obscure PasswordsUnixNIST macOS Monterey v1.0.0 - 800-53r5 Moderate
Monterey - Obscure PasswordsUnixNIST macOS Monterey v1.0.0 - 800-53r4 Low
Monterey - Obscure PasswordsUnixNIST macOS Monterey v1.0.0 - 800-53r5 Low
MYS8-00-005300 - The MySQL Database Server 8.0 must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.MySQLDBDISA Oracle MySQL 8.0 v1r4 DB
MYS8-00-005300 - The MySQL Database Server 8.0 must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.MySQLDBDISA Oracle MySQL 8.0 v1r3 DB
MYS8-00-005300 - The MySQL Database Server 8.0 must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.MySQLDBDISA Oracle MySQL 8.0 v1r5 DB