STIGViewer Trial workspace — loading your subscription…

NIST 800-53 Rev 5

424 controls available

IA-8(2)lowmoderatehigh

Acceptance of External Authenticators

Identification and Authentication

Control Statement

Accept only external authenticators that are NIST-compliant; and Document and maintain a list of accepted external authenticators.

Discussion

Acceptance of only NIST-compliant external authenticators applies to organizational systems that are accessible to the public (e.g., public-facing websites). External authenticators are issued by nonfederal government entities and are compliant with [SP 800-63B](#e59c5a7c-8b1f-49ca-8de0-6ee0882180ce) . Approved external authenticators meet or exceed the minimum Federal Government-wide technical, security, privacy, and organizational maturity requirements. Meeting or exceeding Federal requirements allows Federal Government relying parties to trust external authenticators in connection with an authentication transaction at a specified authenticator assurance level.

Framework
NIST SP 800-53 Rev 5
Family
Identification and Authentication
Baselines
low, moderate, high

Related Frameworks

3 paths across 1 framework
CCI3 mappings
CCI-002011
1.00
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-004083
1.00
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-004084
1.00
  • DISA · 2025-01-23 · disa_cci_list · equivalent

Related STIGs

45 STIGs reach this control through 18 CCIs. Expand a row to see the responsible NICE and O*NET roles.

Operating System — Desktop

2 STIGs

Operating System — Server

7 STIGs

Operating System — Mainframe

4 STIGs
Mainframe Product Security Requirements Guide
V3R42025-09-105 of 194 findings match
CA IDMS Security Technical Implementation Guide
V2R12024-09-131 of 74 findings match
IBM z/OS RACF Security Technical Implementation Guide
V9R82026-03-091 of 222 findings match

Network Device

7 STIGs

Database

13 STIGs
Database Security Requirements Guide
V4R52026-02-261 of 142 findings match
Show 5 more STIGs in this category →

Web / Application Server

3 STIGs

Virtualization / Container

3 STIGs
Container Platform Security Requirements Guide
V2R42025-09-101 of 188 findings match
Virtual Machine Manager Security Requirements Guide
V2R32025-09-101 of 198 findings match

Cloud / Identity Service

1 STIG

Endpoint Security Management

3 STIGs

Productivity Application

1 STIG

Uncategorized

1 STIG