IA-11 Re-Authentication

Information Technology
Office of Information Security
Cybersecurity Controls Standards Catalog
Identification and Authentication (IA)
IA-11 Re-Authentication

Description

In addition to the re-authentication requirements associated with device locks, organizations may require re-authentication of individuals in certain situations, including when roles, authenticators, or credentials change, when security categories of systems change, when the execution of privileged functions occurs, after a fixed time period, or periodically.

Applicability

This Control applies to all Texas A&M-CC information resources. The intended audience for this Control includes all owners and custodians of information resources.

Implementation

Limit the lifetime of browser cookies used for binding authenticated sessions to organization-owned or -managed information systems to no more than five (5) days.

Revision History

Last Updated: February 21, 2025

Previous Versions:

June 29, 2023
May 31, 2022
March 25, 2021
September 16, 2019

See All News

Black History Month
- 02.27
Read More
Islander Homecoming 2025
- 02.27
Read More

See All Events