NIST 800-171 R-3.5.4
Use Replay-Resistant Authentication
Official citation: 3.5.4
Class: core · Severity: high
Statement of the obligation — verify against source
3.5.4
What it means
Use authentication that resists replay attacks for network access to both privileged and non-privileged accounts, so an attacker can't succeed by recording and replaying earlier authentication messages. Replay-resistant techniques include protocols that use nonces or challenges, such as time-synchronous or challenge-response one-time authenticators.
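The sketch below is an added example, not text from NIST or from this page's source: a minimal HMAC challenge-response exchange showing why a recorded response fails when replayed. The class and function names, the 30-second lifetime and the sample key are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

CHALLENGE_TTL = 30  # seconds a challenge stays valid (assumed value)

class ChallengeResponseVerifier:
    """Server side of an HMAC challenge-response login (hypothetical names)."""

    def __init__(self, shared_keys, clock=time.monotonic):
        self._keys = shared_keys      # account -> secret key bytes
        self._pending = {}            # nonce -> (account, expiry)
        self._clock = clock

    def issue_challenge(self, account):
        nonce = secrets.token_bytes(16)   # unpredictable, fresh per attempt
        self._pending[nonce] = (account, self._clock() + CHALLENGE_TTL)
        return nonce

    def verify(self, account, nonce, response):
        # pop() makes every nonce single-use, even after a failed attempt
        entry = self._pending.pop(nonce, None)
        if entry is None:
            return False              # unknown or already consumed: replay
        owner, expiry = entry
        if owner != account or account not in self._keys:
            return False
        if self._clock() > expiry:
            return False              # challenge expired before the answer
        expected = compute_response(self._keys[account], account, nonce)
        return hmac.compare_digest(expected, response)

def compute_response(key, account, nonce):
    """Client side: prove possession of the key for this nonce only."""
    return hmac.new(key, account.encode() + b"|" + nonce, hashlib.sha256).digest()

def demo():
    key = secrets.token_bytes(32)     # constructed sample key
    server = ChallengeResponseVerifier({"alice": key})
    nonce = server.issue_challenge("alice")
    captured = compute_response(key, "alice", nonce)  # what a recorder sees
    first = server.verify("alice", nonce, captured)        # legitimate login
    replay_same = server.verify("alice", nonce, captured)  # nonce is spent
    fresh = server.issue_challenge("alice")
    replay_new = server.verify("alice", fresh, captured)   # MAC binds old nonce
    return first, replay_same, replay_new
```

The response is bound to one server-chosen nonce, so the same bytes are rejected both against the consumed challenge and against any later one.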
Educational reference only — not legal advice. Consult a qualified assessor or attorney for binding compliance determinations.