STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 7 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← All Controls

IA-5

Identification and AuthenticationRev 3

Authenticator Management

CCI Identifiers (30)

CCI-000175The organization manages information system authenticators for users and devices by verifying, as part of the initial authenticator distribution, the identity of the individual and/or device receiving the authenticator.CCI-000176Manage system authenticators by establishing initial authenticator content for authenticators issued by the organization.CCI-000177The organization manages information system authenticators for users and devices by establishing and implementing administrative procedures for initial authenticator distribution, for lost/compromised, or damaged authenticators, and for revoking authenticators.CCI-000178The organization manages information system authenticators for users and devices by changing default content of authenticators upon information system installation.CCI-000179The organization manages information system authenticators by establishing minimum lifetime restrictions for authenticators.CCI-000180The organization manages information system authenticators by establishing maximum lifetime restrictions for authenticators.CCI-000181The organization manages information system authenticators by establishing reuse conditions for authenticators.CCI-000182Manage system authenticators by changing or refreshing authenticators in accordance with the organization-defined time period by authenticator type or when organization-defined events occur.CCI-000183Manage system authenticators by protecting authenticator content from unauthorized disclosure.CCI-000184Manage system authenticators by requiring individuals to take, and having devices implement, specific security controls to protect authenticators.CCI-001544Manage system authenticators by ensuring that authenticators have sufficient strength of mechanism for their intended use.CCI-001610Defines the time-period (by authenticator type) for changing/refreshing authenticators.CCI-001987The organization manages information system authenticators by implementing administrative procedures for damaged authenticators.CCI-001988Manage system authenticators by implementing administrative procedures for revoking authenticators.CCI-001980Manage system authenticators by verifying, as part of the initial authenticator distribution, the identity of the individual, group, role, service, or device receiving the authenticator.CCI-001981Manage system authenticators by establishing administrative procedures for initial authenticator distribution.CCI-001982The organization manages information system authenticators by establishing administrative procedures for lost/compromised authenticators.CCI-001983The organization manages information system authenticators by establishing administrative procedures for damaged authenticators.CCI-001984Manage system authenticators by establishing administrative procedures for revoking authenticators.CCI-001985Manage system authenticators by implementing administrative procedures for initial authenticator distribution.CCI-001986The organization manages information system authenticators by implementing administrative procedures for lost/compromised authenticators.CCI-001989The organization manages information system authenticators by changing default content of authenticators prior to information system installation.CCI-001990Manage system authenticators by changing authenticators for group or role accounts when membership to those accounts changes.CCI-002042Manage system authenticators by protecting authenticator content from unauthorized modification.CCI-002365The organization manages information system authenticators by requiring individuals to take specific security safeguards to protect authenticators.CCI-002366The organization manages information system authenticators by having devices implement specific security safeguards to protect authenticators.CCI-004053Manage system authenticators by establishing administrative procedures for lost/compromised or damaged authenticators.CCI-004054Manage system authenticators by implementing administrative procedures for lost/compromised or damaged authenticators.CCI-004055Manage system authenticators by changing default authenticators prior to first use.CCI-004056Defines the events for when to change or refresh authenticators.

Linked STIG Checks (5)

Across 3 STIGs. Click to expand.