IA.L2-3.5.1
IA.L2-3.5.1: Identification
Identify system users, processes, and devices on your network and maintain a record of who or what has access.
IA.L2-3.5.2
MFA, Passwords, and Device Auth: IA.L2-3.5.2 Guide
Authenticate (or verify) the identities of users, processes, or devices, as a prerequisite to allowing access to organizational systems.
IA.L2-3.5.3
IA.L2-3.5.3: Multifactor Authentication
Require multifactor authentication for privileged and network access.
IA.L2-3.5.4
IA.L2-3.5.4: Replay-Resistant Authentication
Implement authentication mechanisms that prevent replay attacks.
IA.L2-3.5.5
IA.L2-3.5.5: Identifier Management
Manage identifiers for users, processes, and devices throughout their lifecycle.
IA.L2-3.5.6
IA.L2-3.5.6: Identifier Deactivation
Disable identifiers when users, processes, or devices are no longer active.
IA.L2-3.5.7
IA.L2-3.5.7: Password Complexity
Enforce minimum password complexity for user authentication.
IA.L2-3.5.8
IA.L2-3.5.8: Password Reuse
Prohibit password reuse for a specified minimum number of generations.
IA.L2-3.5.9
IA.L2-3.5.9: Temporary Passwords
Establish temporary passwords and require a change upon first logon.
IA.L2-3.5.10
IA.L2-3.5.10: Cryptographically-Protected Passwords
Store and transmit passwords using approved cryptographic methods.
IA.L2-3.5.11
IA.L2-3.5.11: Obscure Feedback
Obscure authentication feedback to prevent information disclosure.