STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 2 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← IA-5 (1) — Authenticator Management

CCI-000200

Definition

The information system prohibits password reuse for the organization-defined number of generations.

Parent Control

IA-5 (1)Authenticator ManagementIdentification and Authentication

Linked STIG Checks (48)

V-76497CAT IIThe Akamai Luna Portal must prohibit password reuse for a minimum of five generations.Akamai KSD Service Impact Level 2 NDM Security Technical Implementation Guide V-259768CAT IApple iOS/iPadOS 17 must be configured to enforce a passcode reuse prohibition of at least two generations.Apple iOS/iPadOS 17 MDFPP 3.3 BYOAD Security Technical Implementation Guide V-252522CAT IIThe macOS system must prohibit password reuse for a minimum of five generations.Apple macOS 12 (Monterey) Security Technical Implementation Guide V-257228CAT IIThe macOS system must prohibit password reuse for a minimum of five generations.Apple macOS 13 (Ventura) Security Technical Implementation Guide V-237321CAT IThe ArcGIS Server must use Windows authentication for supporting account management functions.ArcGIS for Server 10.3 Security Technical Implementation Guide V-272627CAT IIICylanceON-PREM must be configured to use a third-party identity provider.Arctic Wolf CylanceON-PREM Security Technical Implementation Guide V-256842CAT IICompliance Guardian must provide automated mechanisms for supporting account management functions.AvePoint Compliance Guardian Security Technical Implementation Guide V-38711CAT IIIBlackBerry PlayBook OS must prohibit a user from reusing any of the last five previously used device unlock passwords.BlackBerry PlayBook OS V2.1 Security Technical Implementation Guide V-219180CAT IIIThe Ubuntu operating system must prohibit password reuse for a minimum of five generations.Canonical Ubuntu 18.04 LTS Security Technical Implementation Guide V-255553CAT IIThe DBN-6300 must prohibit password reuse for a minimum of five generations.DBN-6300 NDM Security Technical Implementation Guide V-270910CAT IIDragos Platform must use an Identity Provider (IDP) for authentication and authorization processes.Dragos Platform 2.x Security Technical Implementation Guide V-228989CAT IIThe BIG-IP appliance must be configured to prohibit password reuse for a minimum of five generations.F5 BIG-IP Device Management Security Technical Implementation Guide V-255645CAT IICounterACT must prohibit password reuse for a minimum of five generations.ForeScout CounterACT NDM Security Technical Implementation Guide V-230167CAT IIThe HP FlexFabric Switch must prohibit password reuse for a minimum of five generations.HP FlexFabric Switch NDM Security Technical Implementation Guide V-252567CAT IIIBM Aspera Console passwords must be prohibited from reuse for a minimum of five generations.IBM Aspera Platform 4.2 Security Technical Implementation Guide V-252585CAT IIIBM Aspera Faspex passwords must be prohibited from reuse for a minimum of five generations.IBM Aspera Platform 4.2 Security Technical Implementation Guide V-65093CAT IIThe DataPower Gateway must prohibit password reuse for a minimum of five generations.IBM DataPower Network Device Management Security Technical Implementation Guide V-24356CAT IIThe PASSWORD History Count value must be set to 10 or greater.IBM Hardware Management Console (HMC) STIG V-255740CAT IIThe MQ Appliance network device must prohibit password reuse for a minimum of five generations.IBM MQ Appliance v9.0 NDM Security Technical Implementation Guide V-237913CAT IICA VM:Secure product PASSWORD user exit must be coded with the PWLIST option properly set.IBM zVM Using CA VM:Secure Security Technical Implementation Guide V-251408CAT IIThe Ivanti MobileIron Core server must prohibit password reuse for a minimum of four generations.Ivanti MobileIron Core MDM Server Security Technical Implementation Guide V-213895CAT IIIf SQL Server authentication, using passwords, is employed, SQL Server must enforce the DoD standards for password lifetime.MS SQL Server 2014 Instance Security Technical Implementation Guide V-74219CAT IIThe use of a Solidcore 7.x local Command Line Interface (CLI) Access Password must be documented in the organizations written policy.McAfee Application Control 7.x Security Technical Implementation Guide V-220742CAT IIThe password history must be configured to 24 passwords remembered.Microsoft Windows 10 Security Technical Implementation Guide V-224869CAT IIWindows Server 2016 password history must be configured to 24 passwords remembered.Microsoft Windows Server 2016 Security Technical Implementation Guide V-254220CAT IINutanix AOS must prohibit password reuse for a minimum of five generations.Nutanix AOS 5.20.x OS Security Technical Implementation Guide V-237727CAT IIThe DBMS must support organizational requirements to prohibit password reuse for the organization-defined number of generations.Oracle Database 12c Security Technical Implementation Guide V-204422CAT IIThe Red Hat Enterprise Linux operating system must be configured so that passwords are prohibited from reuse for a minimum of five generations.Red Hat Enterprise Linux 7 Security Technical Implementation Guide V-261384CAT IISLEM 5 must not allow passwords to be reused for a minimum of five generations.SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide V-261390CAT IISLEM 5 must employ a password history file.SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide V-4084CAT IIThe system must prohibit the reuse of passwords within five iterations.SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide V-245529CAT IIThe Samsung SDS EMM local accounts must prohibit password reuse for a minimum of five generations.Samsung SDS EMM Security Technical Implementation Guide V-69177CAT IIThe NSX vCenter must prohibit password reuse for a minimum of five generations.VMware NSX Manager Security Technical Implementation Guide V-251262CAT IThe Workspace ONE UEM local accounts must prohibit password reuse for a minimum of five generations.VMware Workspace ONE UEM Security Technical Implementation Guide V-240404CAT IIThe SLES for vRealize must prohibit password reuse for a minimum of five generations.VMware vRealize Automation 7.x SLES Security Technical Implementation Guide V-240405CAT IIThe SLES for vRealize must prohibit password reuse for a minimum of five generations - old passwords are being stored.VMware vRealize Automation 7.x SLES Security Technical Implementation Guide V-239501CAT IIThe SLES for vRealize must prohibit password reuse for a minimum of five generations.VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide V-239502CAT IIThe SLES for vRealize must prohibit password reuse for a minimum of five generations. Ensure the old passwords are being stored.VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide V-256398CAT IIThe ESXi host must prohibit the reuse of passwords within five iterations.VMware vSphere 7.0 ESXi Security Technical Implementation Guide V-256506CAT IIThe Photon operating system must prohibit password reuse for a minimum of five generations.VMware vSphere 7.0 vCenter Appliance Photon OS Security Technical Implementation Guide V-256586CAT IIThe Photon operating system must ensure the old passwords are being stored.VMware vSphere 7.0 vCenter Appliance Photon OS Security Technical Implementation Guide V-256326CAT IIThe vCenter Server must prohibit password reuse for a minimum of five generations.VMware vSphere 7.0 vCenter Security Technical Implementation Guide V-258735CAT IIThe ESXi host must prohibit password reuse for a minimum of five generations.VMware vSphere 8.0 ESXi Security Technical Implementation Guide V-258822CAT IIThe Photon operating system must prohibit password reuse for a minimum of five generations.VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 Security Technical Implementation Guide V-258902CAT IIThe Photon operating system must be configured to use the pam_pwhistory.so module.VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 Security Technical Implementation Guide V-73315CAT IIWindows Server 2016 password history must be configured to 24 passwords remembered.Windows Server 2016 Security Technical Implementation Guide V-73315CAT IIWindows Server 2016 password history must be configured to 24 passwords remembered.Windows Server 2016 Security Technical Implementation Guide V-93479CAT IIWindows Server 2019 password history must be configured to 24 passwords remembered.Windows Server 2019 Security Technical Implementation Guide