In addition to the re-authentication requirements associated with device locks, organizations may require re-authentication of individuals in certain situations, including when roles, authenticators or credentials change, when security categories of systems change, when the execution of privileged functions occurs, after a fixed time period, or periodically.
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name |
|---|---|---|---|---|
| IA-11 | Re-authentication | Protects | T1110 | Brute Force |
| IA-11 | Re-authentication | Protects | T1110.003 | Password Spraying |
| IA-11 | Re-authentication | Protects | T1110.004 | Credential Stuffing |
| IA-11 | Re-authentication | Protects | T1110.001 | Password Guessing |
| IA-11 | Re-authentication | Protects | T1110.002 | Password Cracking |
| IA-11 | Re-authentication | Protects | T1556.006 | Multi-Factor Authentication |
| IA-11 | Re-authentication | Protects | T1556.007 | Hybrid Identity |