| ALMA-09-037200 | V1R1 | AlmaLinux OS 9 PAM must be configured to use a sufficient number of password hashing rounds. | |
| ALMA-09-037310 | V1R1 | AlmaLinux OS 9 must be configured so that libuser is configured to store only encrypted representations of passwords. | |
| ALMA-09-037420 | V1R1 | AlmaLinux OS 9 must be configured so that the system's shadow file is configured to store only encrypted representations of passwords. | |
| ALMA-09-037530 | V1R1 | AlmaLinux OS 9 must be configured so that the Pluggable Authentication Module is configured to store only encrypted representations of passwords. | |
| ALMA-09-037640 | V1R1 | AlmaLinux OS 9 must be configured so that interactive user account passwords are using strong password hashes. | |
| UBTU-18-010104 | V2R15 | The Ubuntu operating system must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm. | |
| UBTU-24-400220 | V1R1 | Ubuntu 24.04 LTS must store only encrypted representations of passwords. | |
| WN22-AC-000090 | V2R1 | Windows Server 2022 reversible password encryption must be disabled. | |
| WN22-SO-000300 | V2R1 | Windows Server 2022 must be configured to prevent the storage of the LAN Manager hash of passwords. | |
| WN10-AC-000045 | V2R8 | Reversible password encryption must be disabled. | |
| WN10-SO-000195 | V2R8 | The system must be configured to prevent the storage of the LAN Manager hash of passwords. | |
| WN11-AC-000045 | V2R1 | Reversible password encryption must be disabled. | |
| WN11-SO-000195 | V2R1 | The system must be configured to prevent the storage of the LAN Manager hash of passwords. | |
| UBTU-22-611055 | V2R1 | Ubuntu 22.04 LTS must store only encrypted representations of passwords. | |
| RHEL-08-010110 | V1R9 | RHEL 8 must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm. | |
| RHEL-08-010120 | V1R9 | RHEL 8 must employ FIPS 140-2 approved cryptographic hashing algorithms for all stored passwords. | |
| RHEL-08-010130 | V1R9 | The RHEL 8 shadow password suite must be configured to use a sufficient number of hashing rounds. | |
| RHEL-07-010200 | V3R8 | The Red Hat Enterprise Linux operating system must be configured so that the PAM system service is configured to store only encrypted representations of passwords. | |
| RHEL-07-010210 | V3R8 | The Red Hat Enterprise Linux operating system must be configured to use the shadow file to store only encrypted representations of passwords. | |
| RHEL-07-010220 | V3R8 | The Red Hat Enterprise Linux operating system must be configured so that user and group account administration utilities are configured to store only encrypted representations of passwords. | |
| RHEL-09-611050 | V2R1 | RHEL 9 password-auth must be configured to use a sufficient number of hashing rounds. | |
| RHEL-09-611055 | V2R1 | RHEL 9 system-auth must be configured to use a sufficient number of hashing rounds. | |
| RHEL-09-611135 | V2R1 | RHEL 9 must be configured so that user and group account administration utilities are configured to store only encrypted representations of passwords. | |
| RHEL-09-611140 | V2R1 | RHEL 9 must be configured to use the shadow file to store only encrypted representations of passwords. | |
| RHEL-09-611150 | V2R1 | RHEL 9 shadow password suite must be configured to use a sufficient number of hashing rounds. | |
| RHEL-09-671015 | V2R1 | RHEL 9 must employ FIPS 140-3 approved cryptographic hashing algorithms for all stored passwords. | |
| RHEL-09-671025 | V2R1 | RHEL 9 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-3 approved cryptographic hashing algorithm for system authentication. | |
| OL09-00-001050 | V1R1 | OL 9 must be configured so that user and group account administration utilities are configured to store only encrypted representations of passwords. | |
| OL09-00-001055 | V1R1 | OL 9 must be configured to use the shadow file to store only encrypted representations of passwords. | |
| OL09-00-001060 | V1R1 | OL 9 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-3 approved cryptographic hashing algorithm for system authentication. | |
| OL09-00-001065 | V1R1 | OL 9 password-auth must be configured to use a sufficient number of hashing rounds. | |
| OL09-00-001070 | V1R1 | OL 9 system-auth must be configured to use a sufficient number of hashing rounds. | |
| OL09-00-001075 | V1R1 | OL 9 shadow password suite must be configured to use a sufficient number of hashing rounds. | |
| OL09-00-001080 | V1R1 | OL 9 must employ FIPS 140-3 approved cryptographic hashing algorithms for all stored passwords. | |
| WN16-AC-000090 | V2R10 | Windows Server 2016 reversible password encryption must be disabled. | |
| WN16-SO-000360 | V2R10 | Windows Server 2016 must be configured to prevent the storage of the LAN Manager hash of passwords. | |
| SLES-15-020170 | V1R9 | The SUSE operating system must configure the Linux Pluggable Authentication Modules (PAM) to only store encrypted representations of passwords. | |
| SLES-15-020180 | V1R9 | The SUSE operating system must employ FIPS 140-2-approved cryptographic hashing algorithms for all stored passwords. | |
| SLES-15-020190 | V1R9 | The SUSE operating system must employ FIPS 140-2-approved cryptographic hashing algorithms for all stored passwords. | |
| SLES-12-010220 | V2R13 | The SUSE operating system must employ FIPS 140-2-approved cryptographic hashing algorithms for all stored passwords. | |
| SLES-12-010230 | V2R13 | The SUSE operating system must configure the Linux Pluggable Authentication Modules (PAM) to only store encrypted representations of passwords. | |
| SLES-12-010240 | V2R13 | The SUSE operating system must employ FIPS 140-2-approved cryptographic hashing algorithms for all stored passwords. | |
| OL07-00-010200 | V2R14 | The Oracle Linux operating system must be configured so that the PAM system service is configured to store only encrypted representations of passwords. | |
| OL07-00-010210 | V2R14 | The Oracle Linux operating system must be configured to use the shadow file to store only encrypted representations of passwords. | |
| OL07-00-010220 | V2R14 | The Oracle Linux operating system must be configured so that user and group account administration utilities are configured to store only encrypted representations of passwords. | |
| OL07-00-010199 | V2R14 | The Oracle Linux operating system must be configured to prevent overwriting of custom authentication configuration settings by the authconfig utility. | |
| WN19-AC-000090 | V2R8 | Windows Server 2019 reversible password encryption must be disabled. | |
| WN19-SO-000300 | V2R8 | Windows Server 2019 must be configured to prevent the storage of the LAN Manager hash of passwords. | |
| OL08-00-010110 | V1R9 | OL 8 must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm. | |
| OL08-00-010120 | V1R9 | OL 8 must employ FIPS 140-2 approved cryptographic hashing algorithms for all stored passwords. | |
| OL08-00-010130 | V1R9 | The OL 8 shadow password suite must be configured to use a sufficient number of hashing rounds. | |