STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← All Controls

IA-11

Identification and AuthenticationRev 5organization

Re-Authentication

Baselines:LowModerateHigh

Control Statement

Require users to re-authenticate when [Assignment: circumstances or situations].

Supplemental Guidance

In addition to the re-authentication requirements associated with device locks, organizations may require re-authentication of individuals in certain situations, including when roles, authenticators or credentials change, when security categories of systems change, when the execution of privileged functions occurs, after a fixed time period, or periodically.

Related Controls (6)

AC-3AC-11IA-2IA-3IA-4IA-8

CCI Identifiers (4)

CCI-002039The organization requires devices to reauthenticate upon organization-defined circumstances or situations requiring reauthentication.CCI-002036Defines the circumstances or situations under which users will be required to reauthenticate.CCI-002037The organization defines the circumstances or situations under which devices will be required to reauthenticate.CCI-002038The organization requires users to reauthenticate upon organization-defined circumstances or situations requiring reauthentication.

Linked STIG Checks (178)

Across 87 STIGs. Click to expand.