Free DISA STIG and SRG Library | Vaulted

V-56827

The operating system must require users to re-authenticate when changing authenticators.

Finding ID
SRG-OS-000373-GPOS-00158
Rule ID
SV-71087r1_rule
Severity
Cat II
CCE
(None)
Group Title
SRG-OS-000373-GPOS-00158
CCI
CCI-002038
Target Key
(None)
Documentable
No
Discussion

Without re-authentication, users may access resources or perform tasks for which they do not have authorization. When operating systems provide the capability to change user authenticators, it is critical the user re-authenticate.

Fix Text

Configure the operating system to require users to re-authenticate when changing authenticators.

Check Content

Verify the operating system requires users to re-authenticate when changing authenticators. If it does not, this is a finding.