Control: The information system obscures feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.

Supplemental Guidance: The feedback from the information system does not provide information that would allow an unauthorized user to compromise the authentication mechanism. Displaying asterisks when a user types in a password is an example of obscuring feedback of authentication information.

Control Enhancements: (0) None.

Baseline: LOW IA-6 MOD IA-6 HIGH IA-6

Family: Identification And Authentication

Class: Technical

ISO 17799 mapping: 11.5.1

COBIT 4.1 mapping: None.