| Control ID |
Control Description | Data Protection Classification | ||||||
| Level 1 | Level 2 | Level 3 | Level 4 | |||||
| IA-4 | Employ replay-resistant authentication mechanisms for network access to privileged and nonprivileged accounts. | recommended | recommended | required | required | |||
| IA-5 | Prevent reuse of identifiers for a defined period. | recommended | recommended | required | essential | |||
| IA-7 | Enforce a minimum password complexity and change of characters when new passwords are created. | required | required | required | required | |||
| IA-8 | Prohibit password reuse for a specified number of generations. | essential | essential | essential | essential | |||
| IA-9 | Allow temporary password use for system logons with an immediate change to a permanent password. | recommended | recommended | required | essential | |||
| IA-11 | Obscure feedback of authentication information. | required | required | essential | essential | |||