STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← All Controls

IA-5 (7)

Identification and AuthenticationRev 5organization

No Embedded Unencrypted Static Authenticators

Control Statement

Ensure that unencrypted static authenticators are not embedded in applications or other forms of static storage.

Supplemental Guidance

In addition to applications, other forms of static storage include access scripts and function keys. Organizations exercise caution when determining whether embedded or stored authenticators are in encrypted or unencrypted form. If authenticators are used in the manner stored, then those representations are considered unencrypted authenticators.

CCI Identifiers (4)

CCI-000202The organization ensures unencrypted static authenticators are not embedded in access scripts.CCI-000203The organization ensures unencrypted static authenticators are not stored on function keys.CCI-004069Ensure that the unencrypted static authenticators are not embedded in applications or other forms of static storage.CCI-002367The organization ensures unencrypted static authenticators are not embedded in applications.

Linked STIG Checks (2)

Across 2 STIGs. Click to expand.