| CR 1.1 |
Human user identification and authentication |
Component |
| CR 1.1 RE1 |
Unique identification and authentication |
Component |
| CR 1.1 RE2 |
Multi-factor authentication for all interfaces |
System |
| CR 1.2 |
Software process and device identification and authentication |
Component |
| CR 1.2 RE1 |
Unique identification and authentication |
Component |
| CR 1.3 |
Account management |
Component |
| CR 1.4 |
Identifier management |
Component |
| CR 1.5 |
Authenticator management |
Component |
| CR 1.5 RE1 |
Hardware security for authenticators |
System |
| NDR 1.6 |
Wireless access management |
Not Applicable |
| NDR 1.6 RE1 |
Unique identification and authentication |
Not Applicable |
| CR 1.7 |
Strength of password-based authentication |
Component |
| CR 1.7 RE1 |
Password generation and lifetime restrictions for human users |
System |
| CR 1.7 RE2 |
Password lifetime restrictions for all users (human, software
process, or device) |
System |
| CR 1.8 |
Public key infrastructure certificates |
Component |
| CR 1.9 |
Strength of public key-based authentication |
Component |
| CR 1.9 RE1 |
Hardware security for public key-based authentication |
Not Applicable |
| CR 1.10 |
Authenticator feedback |
Component |
| CR 1.11 |
Unsuccessful login attempts |
System |
| CR 1.12 |
System use notification |
Component |
| NDR 1.13 |
Access via untrusted networks |
Not Applicable |
| NDR 1.13 RE1 |
Explicit access request approval |
Not Applicable |
| CR 1.14 |
Strength of symmetric key-based authentication |
Not Applicable |
| CR 1.14 RE1 |
Hardware security for symmetric key-based authentication |
Not Applicable |
