← Back to catalog
AC-7(4)
Use of Alternate Authentication Factor
Access Control (AC)
Baselines
Low · Not includedModerate · Not includedHigh · Not included
Description
Allow the use of [assignment] that are different from the primary authentication factors after the number of organization-defined consecutive invalid logon attempts have been exceeded; and Enforce a limit of [assignment] consecutive invalid logon attempts through use of the alternative factors by a user during a [assignment].
Discussion
The use of alternate authentication factors supports the objective of availability and allows a user who has inadvertently been locked out to use additional authentication factors to bypass the lockout.
Implementation guidance
No content available.
CSF 2.0 crosswalk
No CSF mappings exist for this control.