CMMC 1.0 Practice IA.1.077 Requirement:

Authenticate (or verify) the identities of those users, processes, or devices, as a prerequisite to allowing access to organizational information systems.

CMMC 1.0 IA.1.077 Requirement Explanation:

Before you provide access to a person or a device, you need to verify that the user or device is who or what it claims to be. This verification is called authentication. The most common way to verify identity is by using a username and a hard-to-guess password.

Example CMMC 1.0 IA.1.077 Implementation:

Password protect your user accounts, and change any default passwords on your systems.

CMMC 1.0 IA.1.077 Scenario(s):

- Scenario 1:

Alice, a system administrator, creates a group policy requiring all user accounts to be password protected.

- Scenario 2:

Alice, a system administrator received a new router in the mail. The router comes configured with a default password of "admin123". Alice changes the password to something complex that meets her company's password requirements.

Discover Our NIST SP 800-171 & CMMC 2.0 Solutions:


Compliance Accelerator

Power through compliance. Meet and maintain your NIST SP 800-171 & CMMC 2.0 compliance requirements.

Quantum Assessor

Transform your business. Create new revenue streams and provide scalability for your NIST SP 800-171 and CMMC 2.0 services.

Supply Chain Verifier

Trust is everything. Verify, monitor, and support subcontactor compliance.