History
- Priority
- must
- Nov 2018
- Removed
- Removed due to a merge of relevant content into security control 1402.
- 2017
- Authentication information must be protected when communicated across networks.
- 2015
- Authentication information must be protected when communicated across networks.
- 2010
- Agencies must ensure that system authentication data is protected when in transit across networks.
- 2008
- Agencies must ensure that when system authentication data is communicated it is not susceptible to attacks including, but not limited to, replay, man-in-the-middle and session hijacking.