Skip to content
ATO Pathways
  Log In

CCI-000206

Obscure feedback of authentication information during the authentication process to protect the information from possible exploitation and use by unauthorized individuals.

Logo
2

Rule

Severity: Medium
The application server must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
Logo
2

Rule

Severity: High
The application must not display passwords/PINs as clear text.
Logo
2

Rule

Severity: High
The Central Log Server must obfuscate authentication information during the authentication process so that the authentication is not visible.
Logo
1

Rule

Severity: High
Applications using the database must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
Logo
1

Rule

Severity: High
When using command-line tools such as db2, users must use a Connect method that does not expose the password.
Logo
2

Rule

Severity: Medium
The Mainframe Product must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
Logo
7

Rule

Severity: High
Applications must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
Logo
3

Rule

Severity: High
When using command-line tools such as SQLCMD in a mixed-mode authentication environment, users must use a logon method that does not expose the password.
Logo
2

Rule

Severity: High
The network device must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
Logo
2

Rule

Severity: Medium
The UEM server must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
Logo
3

Rule

Severity: Medium
The macOS system must disable password hints.
Logo
3

Rule

Severity: Medium
The macOS system must remove password hints from user accounts.
Logo
2

Rule

Severity: Medium
The container platform must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
Logo
3

Rule

Severity: High
When using command-line tools such as psql, users must use a logon method that does not expose the password.
Logo
2

Rule

Severity: High
The DBMS must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
Logo
2

Rule

Severity: Medium
The operating system must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
Logo
2

Rule

Severity: Medium
ACF2 TSOTWX GSO record values must be set to obliterate the logon password on TWX devices.
Logo
2

Rule

Severity: Medium
ACF2 TSOCRT GSO record values must be set to obliterate the logon to ASCII CRT devices.
Logo
2

Rule

Severity: Medium
ACF2 TSO2741 GSO record values must be set to obliterate the logon password on 2741 devices.
Logo
2

Rule

Severity: High
MariaDB must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
Logo
3

Rule

Severity: High
MongoDB must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
Logo
1

Rule

Severity: High
When using command-line tools such as Oracle SQL*Plus, which can accept a plain-text password, users must use an alternative login method that does not expose the password.
Logo
2

Rule

Severity: High
The MySQL Database Server 8.0 must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
Logo
2

Rule

Severity: High
Redis Enterprise DBMS must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
Logo
2

Rule

Severity: Medium
The VMM must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
Logo
1

Rule

Severity: Medium
The BIG-IP appliance must be configured to obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.

Patternfly

PatternFly elements

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules