IA-02.8 · Access to Accounts — Replay Resistant

Control Description

Implement replay-resistant authentication mechanisms for access to {{ insert: param, ia-02.08_odp }}.

Impact Baselines
Security baselines where this control applies
Not in any baseline
Control Properties
SP800-53-enhancement
system
Enhancement
Control Statement
The control requirements

Implement replay-resistant authentication mechanisms for access to {{ insert: param, ia-02.08_odp }}.

Supplemental Guidance

Authentication processes resist replay attacks if it is impractical to achieve successful authentications by replaying previous authentication messages. Replay-resistant techniques include protocols that use nonces or challenges such as time synchronous or cryptographic authenticators.
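
The following added example (not part of the control catalog text) sketches one nonce-based challenge-response exchange of the kind the guidance describes: the verifier issues a single-use random challenge, the client answers with an HMAC over it, and a captured response fails when replayed. The class and function names, the 30-second challenge lifetime, the HMAC-SHA-256 construction and the sample account are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

NONCE_TTL_SECONDS = 30  # assumed lifetime of an issued challenge


def client_response(key, account, nonce):
    """Client side: prove knowledge of the key for this one challenge."""
    return hmac.new(key, nonce + account.encode(), hashlib.sha256).digest()


class Verifier:
    """Server side: issues single-use challenges and checks responses."""

    def __init__(self, shared_keys):
        self._keys = shared_keys   # account -> secret key (bytes)
        self._pending = {}         # nonce -> (account, expiry time)

    def issue_challenge(self, account, now=None):
        now = time.time() if now is None else now
        nonce = secrets.token_bytes(16)  # unpredictable, fixed length
        self._pending[nonce] = (account, now + NONCE_TTL_SECONDS)
        return nonce

    def verify(self, account, nonce, response, now=None):
        now = time.time() if now is None else now
        # pop() consumes the challenge, so a second use of the nonce fails.
        issued_to, expiry = self._pending.pop(nonce, (None, 0.0))
        key = self._keys.get(account)
        if key is None or issued_to != account or now > expiry:
            return False
        expected = client_response(key, account, nonce)
        return hmac.compare_digest(expected, response)


def demo():
    key = secrets.token_bytes(32)        # constructed sample key
    v = Verifier({"alice": key})         # constructed sample account
    nonce = v.issue_challenge("alice", now=1000.0)
    captured = ("alice", nonce, client_response(key, "alice", nonce))
    first = v.verify(*captured, now=1001.0)     # legitimate login
    replayed = v.verify(*captured, now=1002.0)  # same message sent again
    fresh = v.issue_challenge("alice", now=1003.0)
    # Old response presented against a new challenge: MAC does not match.
    stale = v.verify("alice", fresh, captured[2], now=1004.0)
    late_nonce = v.issue_challenge("alice", now=2000.0)
    late = v.verify("alice", late_nonce,
                    client_response(key, "alice", late_nonce), now=2031.0)
    return first, replayed, stale, late
```

Time-synchronous authenticators replace the server-issued nonce with a shared clock value, so the verifier must also reject a code it has already accepted within the same time step.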