← Back to catalog
IA-2(8)
Access to Accounts — Replay Resistant
Identification and Authentication (IA)
Baselines
Low · IncludedModerate · IncludedHigh · Included
Description
Implement replay-resistant authentication mechanisms for access to [assignment].
Discussion
Authentication processes resist replay attacks if it is impractical to achieve successful authentications by replaying previous authentication messages. Replay-resistant techniques include protocols that use nonces or challenges such as time synchronous or cryptographic authenticators.
Implementation guidance
No content available.
CSF 2.0 crosswalk
No CSF mappings exist for this control.