NIST 800-171 v2
110 security requirements available
3.5.6Derived Requirement
Identification and Authentication
Security Requirement
Disable identifiers after a defined period of inactivity.
Discussion
Inactive identifiers pose a risk to organizational information because attackers may exploit an inactive identifier to gain undetected access to organizational devices. The owners of the inactive accounts may not notice if unauthorized access to the account has been obtained.
- Framework
- NIST SP 800-171 Rev 2
- Family
- Identification and Authentication
- Requirement Type
- derived
Related Frameworks
9 paths across 2 frameworks
Related Frameworks
NIST 800-531 mapping
IA-4
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI8 mappings
CCI-000794
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000795
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001970
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001971
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001972
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001973
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001974
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001975
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
Related STIGs
13 STIGs reach this control through 21 CCIs via 800-53 control IA-4. Expand a row to see the responsible NICE and O*NET roles.
Operating System — Server
9 STIGs
Operating System — Server
9 STIGsCanonical Ubuntu 20.04 LTS Security Technical Implementation Guide
22025-05-161 of 172 findings match
M1
Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide
V1R62026-02-271 of 439 findings match
M1
CloudLinux AlmaLinux OS 9 Security Technical Implementation Guide
12025-05-221 of 445 findings match
M1
Oracle Linux 7 Security Technical Implementation Guide
32025-05-081 of 243 findings match
M1
Red Hat Enterprise Linux 8 Security Technical Implementation Guide
22025-05-141 of 369 findings match
M1
Red Hat Enterprise Linux 8 Security Technical Implementation Guide
V2R72026-02-051 of 366 findings match
M1
SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide
12025-05-081 of 210 findings match
M1
SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide
V1R42026-02-101 of 208 findings match
M1
Show 1 more STIG in this category →Hide additional STIGs
SUSE Linux Enterprise Server 12 Security Technical Implementation Guide
32025-05-141 of 211 findings match
M1
Operating System — Mainframe
1 STIG
Operating System — Mainframe
1 STIGIBM zVM Using CA VM:Secure Security Technical Implementation Guide
V2R22022-08-311 of 77 findings match
M1
Network Device
1 STIG
Network Device
1 STIGHP FlexFabric Switch NDM Security Technical Implementation Guide
V1R42025-06-121 of 79 findings match
M1
Web / Application Server
1 STIG
Web / Application Server
1 STIGJBoss Enterprise Application Platform 6.3 Security Technical Implementation Guide
V2R62025-02-201 of 67 findings match
M1
Virtualization / Container
1 STIG
Virtualization / Container
1 STIGVMware vSphere 7.0 vCenter Appliance Photon OS Security Technical Implementation Guide
V1R42024-12-161 of 113 findings match
M1