An error occurred:

CCIs

Number Definition Status Related
CCI-004052 Defines the protected central storage for maintaining the attributes for each uniquely individual, device or service. Draft
CCI-004053 Manage system authenticators by establishing administrative procedures for lost/compromised or damaged authenticators. Draft
CCI-004054 Manage system authenticators by implementing administrative procedures for lost/compromised or damaged authenticators. Draft
CCI-004055 Manage system authenticators by changing default authenticators prior to first use. Draft
CCI-004056 Defines the events for when to change or refresh authenticators. Draft
CCI-004057 Defines the frequency for updating commonly used, expected, or compromised passwords, when they are suspected of being compromised directly or indirectly. Draft
CCI-004058 For password-based authentication, maintain a list of commonly used, expected, or compromised passwords on an organization-defined frequency. Draft
CCI-004059 For password-based authentication, update the list of passwords on an organization-defined frequency. Draft
CCI-004060 For password-based authentication, update the list of passwords when organizational passwords are suspected to have been compromised directly or indirectly. Draft
CCI-004061 For password-based authentication, verify when users create or update passwords, that the passwords are not found on the list of commonly-used, expected, or compromised passwords in IA-5 (1) (a). Draft
CCI-004062 For password-based authentication, store passwords using an approved salted key derivation function, preferably using a keyed hash. Draft
CCI-004063 For password-based authentication, require immediate selection of a new password upon account recovery. Draft
CCI-004064 For password-based authentication, allow user selection of long passwords and passphrases, including spaces and all printable characters. Draft
CCI-004065 For password-based authentication, employ automated tools to assist the user in selecting strong password authenticators. Draft
CCI-004066 For password-based authentication, enforce organization-defined composition and complexity rules. Draft
CCI-004067 Defines the composition and complexity rules to be enforced. Draft
CCI-004068 For public key-based authentication, implement a local cache of revocation data to support path discovery and validation. Draft
CCI-004069 Ensure that the unencrypted static authenticators are not embedded in applications or other forms of static storage. Draft
CCI-004070 Use organization-defined external organizations to federate credentials. Draft
CCI-004071 Defines the external organizations used to federate credentials. Draft
CCI-004072 Defines the binding rules for binding identities and authenticators. Draft
CCI-004073 Use only General Services Administration-approved and validated products and services for identity, credential, and access management. Draft
CCI-004074 Require that the issuance of organization-defined types of and/or specific authenticators be conducted in person or by a trusted external party before the organization-defined registration authority with authorization by organization-defined personnel or roles. Draft
CCI-004075 Defines types of and/or specific authenticators to be conducted in person or by a trusted external party before the organization-defined registration authority. Draft
CCI-004076 Defines the registration authority who conducts the issuance of organization-defined types of and/or specific authenticators. Draft
CCI-004077 Defines the personnel or roles who authorize the issuance of organization-defined types of and/or specific authenticators. Draft
CCI-004078 Employ presentation attack detection mechanisms for biometric-based authentication. Draft
CCI-004079 Employ organization-defined password managers to generate and manage passwords. Draft
CCI-004080 Defines the password managers employed to generate and manage passwords. Draft
CCI-004081 Protect the passwords using organization-defined controls. Draft