CMMC Practice Requirement:

Obscure feedback of authentication information.

CMMC Requirement Explanation:

If you do not obscure passwords when they are entered into your systems they can be observed by an attacker.

Example CMMC Implementation:

Ensure that your systems are configured to obscure passwords when they are entered into password fields. An example is when you enter your password into your laptop and displays dots instead of the password. This condition also applies to smart phones and tablets managed by your company.

Scenario(s):

- Scenario 1:

Example:

John types his password into his workstation. As he types it the password is obscured by dots.
The username is displayed and the password is obscured.
The username is displayed and the password is obscured.
 

Discover Our NIST SP 800-171 Solutions:

 /assets/images/compliance_accelerator_white.png

Compliance Accelerator

For contractors seeking compliance
 /assets/images/quantum_assessor_white.png

Quantum Assessor

For IT service providers
 /assets/images/supply_chain_logo_white.png

Supply Chain Verifier

For contractors seeking to verify partner compliance