Use AAL2/3 Passkeys in All Other Contexts

tip

This check is currently under development and not yet implemented. Click here to learn how you can help.

Description

Ensure all other contexts use a passkey (AAL2) or hardware key (AAL3) activated by a password or biometrics

Details

• Default Category: user authentication
• Default Priority Group: R1
• C-SCRM: true
• Mitre: CWE-308
• Mitre: M1032
• Sources: OpenSSF Great MFA Project Security Rationale
• Sources: NIST SP 800-63Bsup1