Documentation - V-222527

V-222527

Application Security and Development Security Technical Implementation Guide

CAT II

Title

The application must use multifactor (Alt. Token) authentication for local access to privileged accounts.

Description

<VulnDiscussion>Multifactor authentication (MFA) requires using two or more factors to achieve authentication and access. Factors include: (i) something a user knows (e.g., password/PIN); (ii) something a user has (e.g., cryptographic identification device, token); or (iii) something a user is (e.g., biometric). MFA decreases the attack surface by virtue of the fact that attackers must obtain two factors, a physical token or a biometric and a PIN, in order to authenticate. It is not enough to ...

Fix Text (Documentation Requirement)

Configure the application to only use Alt. Tokens when locally accessing privileged application accounts.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel