← Back to catalog
AC-7(4)

Use of Alternate Authentication Factor

Access Control (AC)
Baselines
Low · Not includedModerate · Not includedHigh · Not included
Description

Allow the use of [assignment] that are different from the primary authentication factors after the number of organization-defined consecutive invalid logon attempts have been exceeded; and Enforce a limit of [assignment] consecutive invalid logon attempts through use of the alternative factors by a user during a [assignment].

Discussion

The use of alternate authentication factors supports the objective of availability and allows a user who has inadvertently been locked out to use additional authentication factors to bypass the lockout.

Implementation guidance

No content available.

CSF 2.0 crosswalk

No CSF mappings exist for this control.