IA-2(8)—Access To Accounts — Replay Resistant
Baselines: LOW, MODERATE, HIGH
Control Description
Implement replay-resistant authentication mechanisms for access to [Selection (one or more): privileged accounts; non-privileged accounts].
Supplemental Guidance
Authentication processes resist replay attacks if it is impractical to achieve successful authentications by replaying previous authentication messages. Replay-resistant techniques include protocols that use nonces or challenges such as time synchronous or cryptographic authenticators.