(a) Accept only external authenticators that are NIST-compliant; and (b) Document and maintain a list of accepted external authenticators.
[Withdrawn: Incorporated into IA-8(2).]
Conform to the following profiles for identity management [Assignment: organization-defined identity management profiles].
Accept and verify federated or PKI credentials that meet [Assignment: organization-defined policy].
Implement the following measures to disassociate user attributes or identifier assertion relationships among individuals, credential service providers, and relying parties: [Assignment: organization-defined measures].
Uniquely identify and authenticate [Assignment: organization-defined system services and applications] before establishing communications with devices, users, or other services or applications.
[Withdrawn: Incorporated into IA-9.]
[Withdrawn: Incorporated into IA-9.]
Require individuals accessing the system to employ [Assignment: organization-defined supplemental authentication techniques or mechanisms] under specific [Assignment: organization-defined circumstances or situations].
Require users to re-authenticate when [Assignment: organization-defined circumstances or situations requiring re-authentication].
Passcode