IA-2(5): Individual Authentication with Group Authentication
Control Family:
Threats Addressed:
Baselines:
- High
Previous Version:
- NIST Special Publication 800-53 Revision 4:
- IA-2(5): Group Authentication
Control Statement
When shared accounts or authenticators are employed, require users to be individually authenticated before granting access to the shared accounts or resources.
Supplemental Guidance
Individual authentication prior to shared group authentication mitigates the risk of using group accounts or authenticators.