Control Description Data Protection Classification
Level 1 Level 2 Level 3 Level 4
IA-4 Employ replay-resistant authentication mechanisms for network access to privileged and nonprivileged accounts. recommended recommended required required
IA-5 Prevent reuse of identifiers for a defined period. recommended recommended required essential
IA-7 Enforce a minimum password complexity and change of characters when new passwords are created. required required required required
IA-8 Prohibit password reuse for a specified number of generations. essential essential essential essential
IA-9 Allow temporary password use for system logons with an immediate change to a permanent password. recommended recommended required essential
IA-11 Obscure feedback of authentication information. required required essential essential