IA-5(7)

  • Requirement

    Ensure that unencrypted static authenticators are not embedded in applications or other forms of static storage.

  • Discussion

    In addition to applications, other forms of static storage include access scripts and function keys. Organizations exercise caution when determining whether embedded or stored authenticators are in encrypted or unencrypted form. If authenticators are used in the manner stored, then those representations are considered unencrypted authenticators.

More Info

  • Title

    Authenticator Management | No Embedded Unencrypted Static Authenticators
  • Family

    Identification and Authentication
  • NIST 800-53B Baseline(s)

    • Related NIST 800-53 ID

    NIST 800-53A Assessment Guidance

    CMMC Training

    Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!