You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@@ -98,7 +98,7 @@ Note: Passwords are not to have a maximum lifetime or be subject to password rot
|**2.3.1**|[MODIFIED] Verify that system generated initial passwords or activation codes are securely randomly generated, follow the existing password policy, and expire after a short period of time or after they are initially used. These initial secrets must not be permitted to become the long term password. | ✓ | ✓ | ✓ | 330 |
|**2.3.2**|[DELETED, MERGED TO 2.2.4]|||||
|**2.3.3**|[MODIFIED] Verify that renewal instructions for authentication mechanisms which expire are sent with enough time to be carried out before the old authentication mechanism expires, configuring automated reminders if necessary. || ✓ | ✓ | 287 |
|**2.3.4**|[ADDED] Verify that administrative users can initiate the password reset process for the user, but that this does not allow them to change or choose the user's password. This prevents a situation where they know the user's password.| ✓ | ✓ | ✓ | 620 |
|**2.3.4**|[ADDED] Verify that administrative users can initiate the password reset process for the user, but that this does not allow them to change or choose the user's password. This prevents a situation where they know the user's password.| ✓ | ✓ | ✓ | 620 |
