NIST 800-53 Rev 5
424 controls available
IA-8(2)lowmoderatehigh
Acceptance of External Authenticators
Identification and Authentication
Control Statement
Accept only external authenticators that are NIST-compliant; and Document and maintain a list of accepted external authenticators.
Discussion
Acceptance of only NIST-compliant external authenticators applies to organizational systems that are accessible to the public (e.g., public-facing websites). External authenticators are issued by nonfederal government entities and are compliant with [SP 800-63B](#e59c5a7c-8b1f-49ca-8de0-6ee0882180ce) . Approved external authenticators meet or exceed the minimum Federal Government-wide technical, security, privacy, and organizational maturity requirements. Meeting or exceeding Federal requirements allows Federal Government relying parties to trust external authenticators in connection with an authentication transaction at a specified authenticator assurance level.
- Framework
- NIST SP 800-53 Rev 5
- Family
- Identification and Authentication
- Baselines
- low, moderate, high
Related Frameworks
3 paths across 1 framework
Related Frameworks
CCI3 mappings
CCI-002011
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-004083
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-004084
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
Related STIGs
66 STIGs reach this control through 18 CCIs. Expand a row to see the responsible NICE and O*NET roles.
Operating System — Desktop
3 STIGs
Operating System — Desktop
3 STIGsMicrosoft Windows 11 Security Technical Implementation Guide
22025-05-152 of 258 findings match
M2
Microsoft Windows 11 Security Technical Implementation Guide
V2R72026-02-122 of 262 findings match
M2
Microsoft Windows 10 Security Technical Implementation Guide
32025-02-251 of 261 findings match
M1
Operating System — Server
11 STIGs
Operating System — Server
11 STIGsGeneral Purpose Operating System Security Requirements Guide
32024-12-042 of 198 findings match
M2
General Purpose Operating System Security Requirements Guide
V3R32025-09-222 of 203 findings match
M2
Microsoft Windows Server 2019 Security Technical Implementation Guide
32025-05-231 of 275 findings match
M1
Microsoft Windows Server 2019 Security Technical Implementation Guide
V3R82026-02-121 of 282 findings match
M1
Microsoft Windows Server 2022 Security Technical Implementation Guide
22025-05-151 of 275 findings match
M1
Microsoft Windows Server 2022 Security Technical Implementation Guide
V2R82026-02-131 of 282 findings match
M1
Microsoft Windows Server 2025 Security Technical Implementation Guide
V1R12026-02-201 of 284 findings match
M1
Solaris 11 SPARC Security Technical Implementation Guide
32025-05-051 of 217 findings match
M1
Show 3 more STIGs in this category →Hide additional STIGs
Solaris 11 SPARC Security Technical Implementation Guide
V3R52026-02-191 of 217 findings match
M1
Solaris 11 X86 Security Technical Implementation Guide
32025-05-051 of 216 findings match
M1
Solaris 11 X86 Security Technical Implementation Guide
V3R52026-02-191 of 216 findings match
M1
Operating System — Mainframe
6 STIGs
Operating System — Mainframe
6 STIGsMainframe Product Security Requirements Guide
32024-12-055 of 193 findings match
M5
Mainframe Product Security Requirements Guide
V3R42025-09-105 of 194 findings match
M5
CA IDMS Security Technical Implementation Guide
V2R12024-09-131 of 74 findings match
M1
IBM z/OS RACF Security Technical Implementation Guide
92025-06-241 of 224 findings match
M1
IBM z/OS RACF Security Technical Implementation Guide
V9R82026-03-091 of 222 findings match
M1
IBM zVM Using CA VM:Secure Security Technical Implementation Guide
V2R22022-08-311 of 77 findings match
M1
Network Device
9 STIGs
Network Device
9 STIGsApplication Layer Gateway Security Requirements Guide
22024-12-042 of 155 findings match
M2
Application Layer Gateway Security Requirements Guide
V2R32025-09-152 of 160 findings match
M2
IBM DataPower ALG Security Technical Implementation Guide
V1R12016-01-212 of 65 findings match
M2
Akamai KSD Service Impact Level 2 ALG Security Technical Implementation Guide
V1R12017-09-151 of 33 findings match
M1
Juniper SRX Services Gateway VPN Security Technical Implementation Guide
V3R22024-12-201 of 28 findings match
M1
Symantec Edge SWG ALG Security Technical Implementation Guide
V1R12025-12-161 of 15 findings match
M1
Symantec ProxySG ALG Security Technical Implementation Guide
V1R32020-03-271 of 66 findings match
M1
Virtual Private Network (VPN) Security Requirements Guide
32024-12-191 of 82 findings match
M1
Show 1 more STIG in this category →Hide additional STIGs
Virtual Private Network (VPN) Security Requirements Guide
V3R42025-09-101 of 92 findings match
M1
Database
18 STIGs
Database
18 STIGsCrunchy Data Postgres 16 Security Technical Implementation Guide
12024-06-171 of 111 findings match
M1
Crunchy Data Postgres 16 Security Technical Implementation Guide
V1R22026-02-271 of 111 findings match
M1
Crunchy Data PostgreSQL Security Technical Implementation Guide
V3R12024-08-271 of 113 findings match
M1
Database Security Requirements Guide
42024-12-041 of 142 findings match
M1
Database Security Requirements Guide
V4R52026-02-261 of 142 findings match
M1
EnterpriseDB Postgres Advanced Server (EPAS) Security Technical Implementation Guide
V2R12024-08-271 of 118 findings match
M1
MariaDB Enterprise 10.x Security Technical Implementation Guide
22024-12-051 of 110 findings match
M1
MariaDB Enterprise 10.x Security Technical Implementation Guide
V2R52026-03-021 of 107 findings match
M1
Show 10 more STIGs in this category →Hide additional STIGs
MarkLogic Server v9 Security Technical Implementation Guide
V3R22024-09-041 of 80 findings match
M1
Microsoft Azure SQL Database Security Technical Implementation Guide
V2R32025-06-111 of 76 findings match
M1
Microsoft Azure SQL Managed Instance Security Technical Implementation Guide
V1R12025-10-071 of 84 findings match
M1
MongoDB Enterprise Advanced 7.x Security Technical Implementation Guide
V1R12024-09-271 of 50 findings match
M1
MS SQL Server 2016 Instance Security Technical Implementation Guide
32025-06-111 of 101 findings match
M1
MS SQL Server 2016 Instance Security Technical Implementation Guide
V3R62025-12-081 of 84 findings match
M1
Oracle Database 19c Security Technical Implementation Guide
12025-06-241 of 96 findings match
M1
Oracle Database 19c Security Technical Implementation Guide
V1R52026-02-251 of 96 findings match
M1
Oracle MySQL 8.0 Security Technical Implementation Guide
V2R22024-09-041 of 100 findings match
M1
Redis Enterprise 6.x Security Technical Implementation Guide
V2R22024-09-041 of 71 findings match
M1
Web / Application Server
6 STIGs
Web / Application Server
6 STIGsApplication Security and Development Security Technical Implementation Guide
62025-02-125 of 286 findings match
M5
Application Security and Development Security Technical Implementation Guide
V6R42025-09-095 of 286 findings match
M5
Application Server Security Requirements Guide
42025-02-114 of 128 findings match
M4
Application Server Security Requirements Guide
V4R42025-09-104 of 137 findings match
M4
IBM WebSphere Traditional V9.x Security Technical Implementation Guide
12018-08-241 of 76 findings match
M1
IBM WebSphere Traditional V9.x Security Technical Implementation Guide
V2R12026-02-261 of 77 findings match
M1
Virtualization / Container
5 STIGs
Virtualization / Container
5 STIGsNutanix Acropolis Application Server Security Technical Implementation Guide
V1R12026-02-242 of 31 findings match
M2
Container Platform Security Requirements Guide
22025-05-151 of 187 findings match
M1
Container Platform Security Requirements Guide
V2R42025-09-101 of 188 findings match
M1
Virtual Machine Manager Security Requirements Guide
22024-12-061 of 193 findings match
M1
Virtual Machine Manager Security Requirements Guide
V2R32025-09-101 of 198 findings match
M1
Cloud / Identity Service
2 STIGs
Cloud / Identity Service
2 STIGsActive Directory Domain Security Technical Implementation Guide
32024-09-131 of 36 findings match
M1
Active Directory Domain Security Technical Implementation Guide
V3R72026-02-111 of 36 findings match
M1
Endpoint Security Management
4 STIGs
Endpoint Security Management
4 STIGsTanium 7.x Security Technical Implementation Guide
V2R32025-05-142 of 98 findings match
M2
Dragos Platform 2.x Security Technical Implementation Guide
12025-05-151 of 19 findings match
M1
Dragos Platform 2.x Security Technical Implementation Guide
V1R62026-02-181 of 19 findings match
M1
Tanium 7.x Application on TanOS Security Technical Implementation Guide
V2R22025-02-111 of 75 findings match
M1
Productivity Application
1 STIG
Productivity Application
1 STIGAvePoint Compliance Guardian Security Technical Implementation Guide
V1R12023-02-212 of 10 findings match
M2
Uncategorized
1 STIG
Uncategorized
1 STIGMicrosoft SharePoint 2013 Security Technical Implementation Guide
22024-12-101 of 37 findings match
M1