AC-9: Previous Logon Notification
Control Family:
Threats Addressed:
Baselines:
- Low
N/A
- Moderate
N/A
- High
N/A
- Privacy
N/A
Previous Version:
- NIST Special Publication 800-53 Revision 4:
- AC-9: Previous Logon (Access) Notification
Control Statement
Notify the user, upon successful logon to the system, of the date and time of the last logon.
Supplemental Guidance
Previous logon notification is applicable to system access via human user interfaces and access to systems that occurs in other types of architectures. Information about the last successful logon allows the user to recognize if the date and time provided is not consistent with the user's last access.
Control Enhancements
AC-9(1): Unsuccessful Logons
Baseline(s):
Notify the user, upon successful logon, of the number of unsuccessful logon attempts since the last successful logon.
AC-9(2): Successful and Unsuccessful Logons
Baseline(s):
Notify the user, upon successful logon, of the number of [Assignment: successful logons, unsuccessful logon attempts, both] during [Assignment: organization-defined time period].
AC-9(3): Notification of Account Changes
Baseline(s):
Notify the user, upon successful logon, of changes to [Assignment: organization-defined security-related characteristics or parameters of the user’s account] during [Assignment: organization-defined time period].
AC-9(4): Additional Logon Information
Baseline(s):
Notify the user, upon successful logon, of the following additional information: [Assignment: organization-defined additional information].