NIST 800-53 Rev. 5

AC
AT
AU
CA
CM
CP
IA
IR
MA
MP
PE
PL
PM
PS
PT
RA
SA
SC
SI
SR
IA-1
IA-2
IA-2(1)
IA-2(2)
IA-2(11)
IA-2(3)
IA-2(5)
IA-2(6)
IA-2(4)
IA-2(8)
IA-2(7)
IA-2(10)
IA-2(9)
IA-2(12)
IA-2(13)
IA-3
IA-3(1)
IA-3(2)
IA-3(3)
IA-3(4)
IA-4
IA-4(1)
IA-4(2)
IA-4(3)
IA-4(4)
IA-4(5)
IA-4(6)
IA-4(7)
IA-4(8)
IA-4(9)
IA-5
IA-5(1)
IA-5(2)
IA-5(11)
IA-5(3)
IA-5(5)
IA-5(6)
IA-5(7)
IA-5(8)
IA-5(9)
IA-5(10)
IA-5(4)
IA-5(12)
IA-5(13)
IA-5(14)
IA-5(15)
IA-5(16)
IA-5(17)
IA-5(18)
IA-6
IA-7
IA-8
IA-8(1)
IA-8(2)
IA-8(3)
IA-8(4)
IA-8(5)
IA-8(6)
IA-9
IA-9(1)
IA-9(2)
IA-10
IA-11
IA-12
IA-12(1)
IA-12(2)
IA-12(3)
IA-12(4)
IA-12(5)
IA-12(6)

IA-2(8): Identification and Authentication (organizational Users) | Access to Accounts — Replay Resistant

Control Text:

Implement replay-resistant authentication mechanisms for access to [Selection (one or more): privileged accounts; non-privileged accounts].

Authentication processes resist replay attacks if it is impractical to achieve successful authentications by replaying previous authentication messages. Replay-resistant techniques include protocols that use nonces or challenges such as time synchronous or cryptographic authenticators.

Related Controls

  • None