STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 2 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← IA-5 (1) — Authenticator Management

CCI-000194

Definition

The information system enforces password complexity by the minimum number of numeric characters used.

Parent Control

IA-5 (1)Authenticator ManagementIdentification and Authentication

Linked STIG Checks (79)

V-76491CAT IIIf multifactor authentication is not supported and passwords must be used, the Akamai Luna Portal must enforce password complexity by requiring that at least one numeric character be used.Akamai KSD Service Impact Level 2 NDM Security Technical Implementation Guide V-252520CAT IIThe macOS system must enforce password complexity by requiring that at least one numeric character be used.Apple macOS 12 (Monterey) Security Technical Implementation Guide V-257226CAT IIThe macOS system must enforce password complexity by requiring that at least one numeric character be used.Apple macOS 13 (Ventura) Security Technical Implementation Guide V-222539CAT IIThe application must enforce password complexity by requiring that at least one numeric character be used.Application Security and Development Security Technical Implementation Guide V-237321CAT IThe ArcGIS Server must use Windows authentication for supporting account management functions.ArcGIS for Server 10.3 Security Technical Implementation Guide V-272627CAT IIICylanceON-PREM must be configured to use a third-party identity provider.Arctic Wolf CylanceON-PREM Security Technical Implementation Guide V-256842CAT IICompliance Guardian must provide automated mechanisms for supporting account management functions.AvePoint Compliance Guardian Security Technical Implementation Guide V-38709CAT IIBlackBerry PlayBook OS must disallow the device unlock password from containing fewer than a specified minimum number of numeric characters.BlackBerry PlayBook OS V2.1 Security Technical Implementation Guide V-219174CAT IIIThe Ubuntu operating system must enforce password complexity by requiring that at least one numeric character be used.Canonical Ubuntu 18.04 LTS Security Technical Implementation Guide V-238223CAT IIIThe Ubuntu operating system must enforce password complexity by requiring that at least one numeric character be used.Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide V-260562CAT IIUbuntu 22.04 LTS must enforce password complexity by requiring that at least one numeric character be used.Canonical Ubuntu 22.04 LTS Security Technical Implementation Guide V-239917CAT IIThe Cisco ASA must be configured to enforce password complexity by requiring that at least one numeric character be used.Cisco ASA NDM Security Technical Implementation Guide V-220592CAT IIThe Cisco switch must be configured to enforce password complexity by requiring that at least one numeric character be used.Cisco IOS Switch NDM Security Technical Implementation Guide V-215829CAT IIThe Cisco router must be configured to enforce password complexity by requiring that at least one numeric character be used.Cisco IOS XE Router NDM Security Technical Implementation Guide V-242648CAT IIFor accounts using password authentication, the Cisco ISE must enforce password complexity by requiring that at least one digit be used.Cisco ISE NDM Security Technical Implementation Guide V-220491CAT IIThe Cisco switch must be configured to enforce password complexity by requiring that at least one numeric character be used.Cisco NX OS Switch NDM Security Technical Implementation Guide V-255556CAT IIIf multifactor authentication is not supported and passwords must be used, the DBN-6300 must enforce password complexity by requiring that at least one numeric character be used.DBN-6300 NDM Security Technical Implementation Guide V-270955CAT IIThe Dragos Platform must configure local password policies.Dragos Platform 2.x Security Technical Implementation Guide V-217401CAT IIIf multifactor authentication is not supported and passwords must be used, the BIG-IP appliance must enforce password complexity by requiring that at least one numeric character be used.F5 BIG-IP Device Management Security Technical Implementation Guide V-266090CAT IIThe F5 BIG-IP appliance must enforce password complexity by requiring that at least one numeric character be used.F5 BIG-IP TMOS NDM Security Technical Implementation Guide V-255646CAT IICounterACT must enforce password complexity by requiring that at least one numeric character be used.ForeScout CounterACT NDM Security Technical Implementation Guide V-230966CAT IIForescout must enforce password complexity by requiring that at least one numeric character be used.Forescout Network Device Management Security Technical Implementation Guide V-234206CAT IIThe FortiGate device must enforce password complexity by requiring at least one numeric character be used.Fortinet FortiGate Firewall NDM Security Technical Implementation Guide V-217455CAT IIIf multifactor authentication is not supported and passwords must be used, the HP FlexFabric Switch must enforce password complexity by requiring that at least one numeric character be used.HP FlexFabric Switch NDM Security Technical Implementation Guide V-266934CAT IIAOS must enforce password complexity by requiring that at least one numeric character be used.HPE Aruba Networking AOS NDM Security Technical Implementation Guide V-215219CAT IAIX must enforce password complexity by requiring that at least one numeric character be used.IBM AIX 7.x Security Technical Implementation Guide V-252564CAT IIIBM Aspera Console must enforce password complexity by requiring at least fifteen characters, with at least one upper case letter, one lower case letter, one number, and one symbol.IBM Aspera Platform 4.2 Security Technical Implementation Guide V-252583CAT IIIBM Aspera Faspex must require password complexity features to be enabled.IBM Aspera Platform 4.2 Security Technical Implementation Guide V-252601CAT IIIBM Aspera Shares must require password complexity features to be enabled.IBM Aspera Platform 4.2 Security Technical Implementation Guide V-65099CAT IIIf multifactor authentication is not supported and passwords must be used, the DataPower Gateway must enforce password complexity by requiring that at least one numeric character be used.IBM DataPower Network Device Management Security Technical Implementation Guide V-255743CAT IIThe MQ Appliance network device must enforce password complexity by requiring that at least one numeric character be used.IBM MQ Appliance v9.0 NDM Security Technical Implementation Guide V-237914CAT IIIBM zVM CA VM:Secure product PASSWORD user exit must be in use.IBM zVM Using CA VM:Secure Security Technical Implementation Guide V-251411CAT IIThe Ivanti MobileIron Core server must enforce password complexity by requiring that at least one numeric character be used.Ivanti MobileIron Core MDM Server Security Technical Implementation Guide V-250992CAT IIMobileIron Sentry must enforce password complexity by requiring that at least one numeric character be used.Ivanti MobileIron Sentry 9.x NDM Security Technical Implementation Guide V-250992CAT IISentry must enforce password complexity by requiring that at least one numeric character be used.Ivanti Sentry 9.x NDM Security Technical Implementation Guide V-253907CAT IIThe Juniper EX switch must be configured to enforce password complexity by requiring that at least one numeric character be used.Juniper EX Series Switches Network Device Management Security Technical Implementation Guide V-217326CAT IIThe Juniper router must be configured to enforce password complexity by requiring that at least one numeric character be used.Juniper Router NDM Security Technical Implementation Guide V-66523CAT IIFor local accounts using password authentication (i.e., the root account and the account of last resort), the Juniper SRX Services Gateway must enforce password complexity by requiring at least one numeric character be used.Juniper SRX SG NDM Security Technical Implementation Guide V-223221CAT IIFor local accounts using password authentication (i.e., the root account and the account of last resort), the Juniper SRX Services Gateway must enforce password complexity by requiring at least one numeric character be used.Juniper SRX Services Gateway NDM Security Technical Implementation Guide V-213894CAT IIIf SQL Server authentication, using passwords, is employed, SQL Server must enforce the DoD standards for password complexity.MS SQL Server 2014 Instance Security Technical Implementation Guide V-220746CAT IIThe built-in Microsoft password complexity filter must be enabled.Microsoft Windows 10 Security Technical Implementation Guide V-224873CAT IIWindows Server 2016 must have the built-in Windows password complexity policy enabled.Microsoft Windows Server 2016 Security Technical Implementation Guide V-205652CAT IIWindows Server 2019 must have the built-in Windows password complexity policy enabled.Microsoft Windows Server 2019 Security Technical Implementation Guide V-254292CAT IIWindows Server 2022 must have the built-in Windows password complexity policy enabled.Microsoft Windows Server 2022 Security Technical Implementation Guide V-246954CAT IIONTAP must enforce password complexity by requiring that at least one numeric character be used.NetApp ONTAP DSC 9.x Security Technical Implementation Guide V-254210CAT IINutanix AOS must enforce password complexity by requiring that at least one numeric character be used.Nutanix AOS 5.20.x OS Security Technical Implementation Guide V-237730CAT IIThe DBMS must support organizational requirements to enforce password complexity by the number of numeric characters used.Oracle Database 12c Security Technical Implementation Guide V-221671CAT IIThe Oracle Linux operating system must be configured so that when passwords are changed or new passwords are assigned, the new password must contain at least one numeric character.Oracle Linux 7 Security Technical Implementation Guide V-248689CAT IIIOL 8 must enforce password complexity by requiring that at least one numeric character be used.Oracle Linux 8 Security Technical Implementation Guide V-235969CAT IIOracle WebLogic must enforce password complexity by the number of numeric characters used.Oracle WebLogic Server 12c Security Technical Implementation Guide V-228652CAT IIIf multifactor authentication is not available and passwords must be used, the Palo Alto Networks security platform must enforce password complexity by requiring that at least one numeric character be used.Palo Alto Networks NDM Security Technical Implementation Guide V-253538CAT IIPrisma Cloud Compute local accounts must enforce strong password requirements.Palo Alto Networks Prisma Cloud Compute Security Technical Implementation Guide V-252843CAT IRancher MCM must use a centralized user management solution to support account management functions. For accounts using password authentication, the container platform must use FIPS-validated SHA-2 or later protocol to protect the integrity of the password authentication process.Rancher Government Solutions Multi-Cluster Manager Security Technical Implementation Guide V-204409CAT IIThe Red Hat Enterprise Linux operating system must be configured so that when passwords are changed or new passwords are assigned, the new password must contain at least one numeric character.Red Hat Enterprise Linux 7 Security Technical Implementation Guide V-230359CAT IIRHEL 8 must enforce password complexity by requiring that at least one numeric character be used.Red Hat Enterprise Linux 8 Security Technical Implementation Guide V-258101CAT IIRHEL 9 must enforce password complexity rules for the root account.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-258103CAT IIRHEL 9 must enforce password complexity by requiring that at least one numeric character be used.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-257543CAT IOpenShift must use FIPS validated LDAP or OpenIDConnect.Red Hat OpenShift Container Platform 4.x Security Technical Implementation Guide V-254093CAT IInnoslate must use multifactor authentication for network access to privileged and non-privileged accounts.SPEC Innovations Innoslate 4.x Security Technical Implementation Guide V-261379CAT IISLEM 5 must enforce passwords that contain at least one numeric character.SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide V-217119CAT IIThe SUSE operating system must enforce passwords that contain at least one numeric character.SUSE Linux Enterprise Server 12 Security Technical Implementation Guide V-11972CAT IIThe system must require passwords contain at least one numeric character.SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide V-216329CAT IIThe system must require passwords to contain at least one numeric character.Solaris 11 SPARC Security Technical Implementation Guide V-216094CAT IIThe system must require passwords to contain at least one numeric character.Solaris 11 X86 Security Technical Implementation Guide V-221631CAT IIISplunk Enterprise must enforce password complexity for the account of last resort by requiring that at least one numeric character be used.Splunk Enterprise 7.x for Windows Security Technical Implementation Guide V-251683CAT IIISplunk Enterprise must be configured to enforce password complexity by requiring that at least one numeric character be used.Splunk Enterprise 8.x for Linux Security Technical Implementation Guide V-241137CAT IITrend Deep Security must enforce password complexity by requiring that at least one numeric character be used.Trend Micro Deep Security 9.x Security Technical Implementation Guide V-242241CAT IIThe TippingPoint SMS must enforce password complexity by requiring that at least one numeric character be used.Trend Micro TippingPoint NDM Security Technical Implementation Guide V-253062CAT IITOSS must enforce password complexity by requiring that at least one numeric character be used.Tri-Lab Operating System Stack (TOSS) 4 Security Technical Implementation Guide V-265319CAT IIThe NSX Manager must enforce password complexity by requiring that at least one numeric character be used for local accounts.VMware NSX 4.x Manager NDM Security Technical Implementation Guide V-69183CAT IIIf multifactor authentication is not supported and passwords must be used, the NSX vCenter must enforce password complexity by requiring that at least one numeric character be used.VMware NSX Manager Security Technical Implementation Guide V-240396CAT IIThe SLES for vRealize must enforce password complexity by requiring that at least one numeric character be used.VMware vRealize Automation 7.x SLES Security Technical Implementation Guide V-239494CAT IIThe SLES for vRealize must enforce password complexity by requiring that at least one numeric character be used.VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide V-256397CAT IIThe ESXi host must be configured with a sufficiently complex password policy.VMware vSphere 7.0 ESXi Security Technical Implementation Guide V-256500CAT IIThe Photon operating system must enforce password complexity by requiring that at least one numeric character be used.VMware vSphere 7.0 vCenter Appliance Photon OS Security Technical Implementation Guide V-256329CAT IIThe vCenter Server passwords must contain at least one numeric character.VMware vSphere 7.0 vCenter Security Technical Implementation Guide V-258734CAT IIThe ESXi host must enforce password complexity by configuring a password quality policy.VMware vSphere 8.0 ESXi Security Technical Implementation Guide V-258816CAT IIThe Photon operating system must enforce password complexity by requiring that at least one numeric character be used.VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 Security Technical Implementation Guide V-258915CAT IIThe vCenter Server passwords must contain at least one numeric character.VMware vSphere 8.0 vCenter Security Technical Implementation Guide