Replay-Resistant Authentication from NIST 800-171 Rev 3 framework

SAMMY UI is optimized for resolutions with a width 1024px and higher.

Access Control
Awareness and Training
- Literacy Training and Awareness
- Role-Based Training
Audit and Accountability
Configuration Management
Identification and Authentication
Incident Response
Maintenance
Media Protection
Personnel Security
- Personnel Screening
- Personnel Termination and Transfer
Physical Protection
Risk Assessment
Security Assessment and Monitoring
System and Communications Protection
System and Information Integrity
Planning
System and Services Acquisition
Supply Chain Risk Management

03.05.04: Replay-Resistant Authentication

Replay-Resistant Authentication

03.05.04: Replay-Resistant Authentication

Implement replay-resistant authentication mechanisms for access to privileged and non-privileged accounts.

Description

Authentication processes resist replay attacks if it is impractical to successfully authenticate by recording or replaying previous authentication messages. Replay-resistant techniques include protocols that use nonces or challenges, such as time synchronous or challenge-response one-time authenticators.