← Back to catalog
IA-2(8)

Access to Accounts — Replay Resistant

Identification and Authentication (IA)
Baselines
Low · IncludedModerate · IncludedHigh · Included
Description

Implement replay-resistant authentication mechanisms for access to [assignment].

Discussion

Authentication processes resist replay attacks if it is impractical to achieve successful authentications by replaying previous authentication messages. Replay-resistant techniques include protocols that use nonces or challenges such as time synchronous or cryptographic authenticators.

Implementation guidance

No content available.

CSF 2.0 crosswalk

No CSF mappings exist for this control.