STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 2 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← IA-5 (1) — Authenticator Management

CCI-000193

Definition

The information system enforces password complexity by the minimum number of lower case characters used.

Parent Control

IA-5 (1)Authenticator ManagementIdentification and Authentication

Linked STIG Checks (79)

V-76489CAT IIIf multifactor authentication is not supported and passwords must be used, the Akamai Luna Portal must enforce password complexity by requiring that at least one lower-case character be used.Akamai KSD Service Impact Level 2 NDM Security Technical Implementation Guide V-274161CAT IIAmazon Linux 2023 must ensure the password complexity module is enabled in the password-auth file.Amazon Linux 2023 Security Technical Implementation Guide V-222538CAT IIThe application must enforce password complexity by requiring that at least one lowercase character be used.Application Security and Development Security Technical Implementation Guide V-237321CAT IThe ArcGIS Server must use Windows authentication for supporting account management functions.ArcGIS for Server 10.3 Security Technical Implementation Guide V-272627CAT IIICylanceON-PREM must be configured to use a third-party identity provider.Arctic Wolf CylanceON-PREM Security Technical Implementation Guide V-256842CAT IICompliance Guardian must provide automated mechanisms for supporting account management functions.AvePoint Compliance Guardian Security Technical Implementation Guide V-38708CAT IIBlackBerry PlayBook OS must disallow the device unlock password from containing fewer than a specified minimum number of lower case alphabetic characters.BlackBerry PlayBook OS V2.1 Security Technical Implementation Guide V-219173CAT IIIThe Ubuntu operating system must enforce password complexity by requiring that at least one lower-case character be used.Canonical Ubuntu 18.04 LTS Security Technical Implementation Guide V-238222CAT IIIThe Ubuntu operating system must enforce password complexity by requiring that at least one lower-case character be used.Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide V-260561CAT IIUbuntu 22.04 LTS must enforce password complexity by requiring at least one lowercase character be used.Canonical Ubuntu 22.04 LTS Security Technical Implementation Guide V-239916CAT IIThe Cisco ASA must be configured to enforce password complexity by requiring that at least one lowercase character be used.Cisco ASA NDM Security Technical Implementation Guide V-220591CAT IIThe Cisco switch must be configured to enforce password complexity by requiring that at least one lowercase character be used.Cisco IOS Switch NDM Security Technical Implementation Guide V-215828CAT IIThe Cisco router must be configured to enforce password complexity by requiring that at least one lowercase character be used.Cisco IOS XE Router NDM Security Technical Implementation Guide V-242647CAT IIFor accounts using password authentication, the Cisco ISE must enforce password complexity by requiring that at least one lowercase character be used.Cisco ISE NDM Security Technical Implementation Guide V-220490CAT IIThe Cisco switch must be configured to enforce password complexity by requiring that at least one lower-case character be used.Cisco NX OS Switch NDM Security Technical Implementation Guide V-255555CAT IIIf multifactor authentication is not supported and passwords must be used, the DBN-6300 must enforce password complexity by requiring that at least one lower-case character be used.DBN-6300 NDM Security Technical Implementation Guide V-270955CAT IIThe Dragos Platform must configure local password policies.Dragos Platform 2.x Security Technical Implementation Guide V-217400CAT IIIf multifactor authentication is not supported and passwords must be used, the BIG-IP appliance must enforce password complexity by requiring that at least one lower-case character be used.F5 BIG-IP Device Management Security Technical Implementation Guide V-266089CAT IIThe F5 BIG-IP appliance must enforce password complexity by requiring that at least one lowercase character be used.F5 BIG-IP TMOS NDM Security Technical Implementation Guide V-255660CAT IIIf multifactor authentication is not supported and passwords must be used, CounterACT must enforce password complexity by requiring that at least one lower-case character be used.ForeScout CounterACT NDM Security Technical Implementation Guide V-230964CAT IIForescout must enforce password complexity by requiring that at least one lowercase character be used.Forescout Network Device Management Security Technical Implementation Guide V-234205CAT IIThe FortiGate device must enforce password complexity by requiring that at least one lowercase character be used.Fortinet FortiGate Firewall NDM Security Technical Implementation Guide V-217454CAT IIIf multifactor authentication is not supported and passwords must be used, the HP FlexFabric Switch must enforce password complexity by requiring that at least one lowercase character be used.HP FlexFabric Switch NDM Security Technical Implementation Guide V-266933CAT IIAOS must enforce password complexity by requiring that at least one lowercase character be used.HPE Aruba Networking AOS NDM Security Technical Implementation Guide V-215218CAT IAIX must enforce password complexity by requiring that at least one lower-case character be used.IBM AIX 7.x Security Technical Implementation Guide V-252564CAT IIIBM Aspera Console must enforce password complexity by requiring at least fifteen characters, with at least one upper case letter, one lower case letter, one number, and one symbol.IBM Aspera Platform 4.2 Security Technical Implementation Guide V-252583CAT IIIBM Aspera Faspex must require password complexity features to be enabled.IBM Aspera Platform 4.2 Security Technical Implementation Guide V-252601CAT IIIBM Aspera Shares must require password complexity features to be enabled.IBM Aspera Platform 4.2 Security Technical Implementation Guide V-65097CAT IIIf multifactor authentication is not supported and passwords must be used, the DataPower Gateway must enforce password complexity by requiring that at least one lower-case character be used.IBM DataPower Network Device Management Security Technical Implementation Guide V-255742CAT IIThe MQ Appliance network device must enforce password complexity by requiring that at least one lower-case character be used.IBM MQ Appliance v9.0 NDM Security Technical Implementation Guide V-237914CAT IIIBM zVM CA VM:Secure product PASSWORD user exit must be in use.IBM zVM Using CA VM:Secure Security Technical Implementation Guide V-251410CAT IIThe Ivanti MobileIron Core server must enforce password complexity by requiring that at least one lowercase character be used.Ivanti MobileIron Core MDM Server Security Technical Implementation Guide V-250991CAT IIMobileIron Sentry must enforce password complexity by requiring that at least one lower-case character be used.Ivanti MobileIron Sentry 9.x NDM Security Technical Implementation Guide V-250991CAT IISentry must enforce password complexity by requiring that at least one lowercase character be used.Ivanti Sentry 9.x NDM Security Technical Implementation Guide V-217325CAT IIThe Juniper router must be configured to enforce password complexity by requiring that at least one lowercase character be used.Juniper Router NDM Security Technical Implementation Guide V-66521CAT IIFor local accounts using password authentication (i.e., the root account and the account of last resort), the Juniper SRX Services Gateway must enforce password complexity by requiring at least one lower-case character be used.Juniper SRX SG NDM Security Technical Implementation Guide V-223220CAT IIFor local accounts using password authentication (i.e., the root account and the account of last resort), the Juniper SRX Services Gateway must enforce password complexity by requiring at least one lowercase character be used.Juniper SRX Services Gateway NDM Security Technical Implementation Guide V-213894CAT IIIf SQL Server authentication, using passwords, is employed, SQL Server must enforce the DoD standards for password complexity.MS SQL Server 2014 Instance Security Technical Implementation Guide V-220746CAT IIThe built-in Microsoft password complexity filter must be enabled.Microsoft Windows 10 Security Technical Implementation Guide V-224873CAT IIWindows Server 2016 must have the built-in Windows password complexity policy enabled.Microsoft Windows Server 2016 Security Technical Implementation Guide V-205652CAT IIWindows Server 2019 must have the built-in Windows password complexity policy enabled.Microsoft Windows Server 2019 Security Technical Implementation Guide V-254292CAT IIWindows Server 2022 must have the built-in Windows password complexity policy enabled.Microsoft Windows Server 2022 Security Technical Implementation Guide V-246953CAT IIONTAP must enforce password complexity by requiring that at least one lowercase character be used.NetApp ONTAP DSC 9.x Security Technical Implementation Guide V-254209CAT IINutanix AOS must enforce password complexity by requiring that at least one lowercase character be used.Nutanix AOS 5.20.x OS Security Technical Implementation Guide V-237729CAT IIThe DBMS must support organizational requirements to enforce password complexity by the number of lower-case characters used.Oracle Database 12c Security Technical Implementation Guide V-221670CAT IIThe Oracle Linux operating system must be configured so that when passwords are changed or new passwords are established, the new password must contain at least one lower-case character.Oracle Linux 7 Security Technical Implementation Guide V-248687CAT IIIOL 8 must enforce password complexity by requiring that at least one uppercase character be used.Oracle Linux 8 Security Technical Implementation Guide V-248688CAT IIIOL 8 must enforce password complexity by requiring that at least one lowercase character be used.Oracle Linux 8 Security Technical Implementation Guide V-235968CAT IIOracle WebLogic must enforce password complexity by the number of lower-case characters used.Oracle WebLogic Server 12c Security Technical Implementation Guide V-228651CAT IIIf multifactor authentication is not available and passwords must be used, the Palo Alto Networks security platform must enforce password complexity by requiring that at least one lowercase character be used.Palo Alto Networks NDM Security Technical Implementation Guide V-253538CAT IIPrisma Cloud Compute local accounts must enforce strong password requirements.Palo Alto Networks Prisma Cloud Compute Security Technical Implementation Guide V-252843CAT IRancher MCM must use a centralized user management solution to support account management functions. For accounts using password authentication, the container platform must use FIPS-validated SHA-2 or later protocol to protect the integrity of the password authentication process.Rancher Government Solutions Multi-Cluster Manager Security Technical Implementation Guide V-204408CAT IIThe Red Hat Enterprise Linux operating system must be configured so that when passwords are changed or new passwords are established, the new password must contain at least one lower-case character.Red Hat Enterprise Linux 7 Security Technical Implementation Guide V-230358CAT IIRHEL 8 must enforce password complexity by requiring that at least one lower-case character be used.Red Hat Enterprise Linux 8 Security Technical Implementation Guide V-258097CAT IIRHEL 9 must ensure the password complexity module is enabled in the password-auth file.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-258101CAT IIRHEL 9 must enforce password complexity rules for the root account.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-258102CAT IIRHEL 9 must enforce password complexity by requiring that at least one lowercase character be used.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-257543CAT IOpenShift must use FIPS validated LDAP or OpenIDConnect.Red Hat OpenShift Container Platform 4.x Security Technical Implementation Guide V-261378CAT IISLEM 5 must enforce passwords that contain at least one lowercase character.SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide V-217118CAT IIThe SUSE operating system must enforce passwords that contain at least one lower-case character.SUSE Linux Enterprise Server 12 Security Technical Implementation Guide V-22305CAT IIThe system must require passwords contain at least one lowercase alphabetic character.SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide V-216328CAT IIThe operating system must enforce password complexity requiring that at least one lowercase character is used.Solaris 11 SPARC Security Technical Implementation Guide V-216093CAT IIThe operating system must enforce password complexity requiring that at least one lowercase character is used.Solaris 11 X86 Security Technical Implementation Guide V-221630CAT IIISplunk Enterprise must enforce password complexity for the account of last resort by requiring that at least one lowercase character be used.Splunk Enterprise 7.x for Windows Security Technical Implementation Guide V-251682CAT IIISplunk Enterprise must be configured to enforce password complexity by requiring that at least one lowercase character be used.Splunk Enterprise 8.x for Linux Security Technical Implementation Guide V-241136CAT IITrend Deep Security must enforce password complexity by requiring that at least one lower-case character be used.Trend Micro Deep Security 9.x Security Technical Implementation Guide V-242240CAT IIThe TippingPoint SMS must enforce password complexity by requiring that at least one lowercase character be used.Trend Micro TippingPoint NDM Security Technical Implementation Guide V-253061CAT IITOSS must enforce password complexity by requiring that at least one lowercase character be used.Tri-Lab Operating System Stack (TOSS) 4 Security Technical Implementation Guide V-265318CAT IIThe NSX Manager must enforce password complexity by requiring that at least one lowercase character be used for local accounts.VMware NSX 4.x Manager NDM Security Technical Implementation Guide V-69181CAT IIIf multifactor authentication is not supported and passwords must be used, the NSX vCenter must enforce password complexity by requiring that at least one lower-case character be used.VMware NSX Manager Security Technical Implementation Guide V-251260CAT IThe Workspace ONE UEM local accounts must be configured with at least one lowercase character, one uppercase character, one number, and one special character.VMware Workspace ONE UEM Security Technical Implementation Guide V-240395CAT IIThe SLES for vRealize must enforce password complexity by requiring that at least one lower-case character be used.VMware vRealize Automation 7.x SLES Security Technical Implementation Guide V-239493CAT IIThe SLES for vRealize must enforce password complexity by requiring that at least one lower-case character be used.VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide V-256397CAT IIThe ESXi host must be configured with a sufficiently complex password policy.VMware vSphere 7.0 ESXi Security Technical Implementation Guide V-256499CAT IIThe Photon operating system must enforce password complexity by requiring that at least one lowercase character be used.VMware vSphere 7.0 vCenter Appliance Photon OS Security Technical Implementation Guide V-256328CAT IIThe vCenter Server passwords must contain at least one lowercase character.VMware vSphere 7.0 vCenter Security Technical Implementation Guide V-258734CAT IIThe ESXi host must enforce password complexity by configuring a password quality policy.VMware vSphere 8.0 ESXi Security Technical Implementation Guide V-258815CAT IIThe Photon operating system must enforce password complexity by requiring that at least one lowercase character be used.VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 Security Technical Implementation Guide V-258914CAT IIThe vCenter Server passwords must contain at least one lowercase character.VMware vSphere 8.0 vCenter Security Technical Implementation Guide