Identification and Authentication (IA)
[Withdrawn: Incorporated into IA-2(1) and IA-2(2).]
Identification and Authentication (IA)
[Withdrawn: Incorporated into IA-12(4).]
Identification and Authentication (IA)
Require developers and installers of system components to provide unique authenticators or change default authenticators prior to delivery and installation.
Identification and Authentication (IA)
Protect authenticators commensurate with the security category of the information to which use of the authenticator permits access.
Identification and Authentication (IA)
Ensure that unencrypted static authenticators are not embedded in applications or other forms of static storage.
Identification and Authentication (IA)
Implement [Assignment: organization-defined security controls] to manage the risk of compromise due to individuals having accounts on multiple systems.
Identification and Authentication (IA)
Use the following external organizations to federate credentials: [Assignment: organization-defined external organizations].
Identification and Authentication (IA)
Bind identities and authenticators dynamically using the following rules: [Assignment: organization-defined binding rules].
Identification and Authentication (IA)
[Withdrawn: Incorporated into IA-5(1).]
Identification and Authentication (IA)
For biometric-based authentication, employ mechanisms that satisfy the following biometric quality requirements [Assignment: organization-defined biometric quality requirements].
