NIST 800-53 REV 5 • IDENTIFICATION AND AUTHENTICATION

IA-5(11)Hardware Token-based Authentication

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

No related controls listed

Practitioner Notes

This enhancement addresses hardware token-based authentication — using physical tokens like smart cards or USB security keys for authentication.

Example 1: Issue YubiKey 5 hardware tokens to all employees and require them for MFA, supporting FIDO2, PIV smart card, and TOTP authentication methods.

Example 2: Deploy CAC/PIV smart card readers on all workstations and require certificate-based authentication via the physical card for Windows logon.

More Identification and Authentication Controls

IA-1 Policy and Procedures IA-2 Identification and Authentication (Organizational Users) IA-2(1) Multi-factor Authentication to Privileged Accounts IA-2(2) Multi-factor Authentication to Non-privileged Accounts