CMMC 1.0 Practice IA.2.080 Requirement:

Allow temporary password use for system logons with an immediate change to a permanent password.

CMMC 1.0 IA.2.080 Requirement Explanation:

Temporary passwords often follow a consistent style (e.g. ChangeMe2020!), this means that they can be more easily guessed by an attacker. If users are forced to change their password upon receiving a temporary one you can reduce this risk. For added security you can provide employees with a randomly generated password when they request a reset.

Example CMMC 1.0 IA.2.080 Implementation:

When providing a temporary password to a user set their account to require a password reset upon login. An example of when this will need to be done is when providing a password to a new employee or when an employee requests a password reset.

CMMC 1.0 IA.2.080 Scenario(s):

- Scenario 1:

John has requested a new password. Alice resets his password and sets his account to require a new password upon login. Alice provides John with the password, when John logs in he is required to set a new one.
 

Discover Our NIST SP 800-171 & CMMC 2.0 Solutions:

 /assets/images/app/complaince_accelerator.gif

Compliance Accelerator

Power through compliance. Meet and maintain your NIST SP 800-171 & CMMC 2.0 compliance requirements.
 /assets/images/app/quantum_accelerator.gif

Quantum Assessor

Transform your business. Create new revenue streams and provide scalability for your NIST SP 800-171 and CMMC 2.0 services.
 /assets/images/app/supply_chain_verifier.gif

Supply Chain Verifier

Trust is everything. Verify, monitor, and support subcontactor compliance.