Reference: CMMC 2.0
Level Introduced: 2
Title: Obscure Feedback
Obscure feedback of authentication information.
A password is a type of authentication information. When users enter this information, the system displays a symbol, such as an asterisk. This prevents others from seeing the actual characters. The organization should obscure feedback based on a defined policy. For example, smaller devices may briefly show characters before obscuring.
You are in charge of IT for your company. You set up your systems to display a symbol, such as an asterisk, when users enter their passwords into a computer system. For your mobile devices, the password characters are briefly displayed to the user before being obscured. This prevents people from figuring out passwords by looking over someone's shoulder.