CMMC Practice IA.L2-3.5.5

Identifier Reuse: Prevent reuse of identifiers for a defined period.

Monarch ISC Guidance

Assigning unique credentials, and then not re-using them, provides consistent results and prevents confusion when auditing resources and reviewing audit logs. This may not apply or be practical when replacing failed and/or end of life hardware when reusing a server name is desirable for user continuity and system availability. Note the exception in your policy.

Discussion From Source

NIST SP 800-171 R2 Identifiers are provided for users, processes acting on behalf of users, or devices (IA.L2-3.5.1). Preventing reuse of identifiers implies preventing the assignment of previously used individual, group, role, or device identifiers to different individuals, groups, roles, or devices.

References