Detections
Analytics
Application of Weak Password Policies on Users
critical
Language:
Description
Weak password policies increase the risk of users creating weak passwords that could allow attackers to steal easily through generic techniques such as brute force attacks, authentication challenge theft, etc.
Solution
Password policies for user accounts should enforce strong passwords with sufficient length and symbols, adapted to your requirements.
See Also
Indicator Details
Name: Application of Weak Password Policies on Users
Codename: C-PASSWORD-POLICY
Severity: Critical
Type: Active Directory Indicator of Exposure
Family: Authentication and Credentials
- Tactic: TA0001 - Initial Access
- Techniques: T1078 - Valid Accounts
- Tactic: TA0004 - Privilege Escalation
- Techniques: T1078 - Valid Accounts
- Tactic: TA0006 - Credential Access
- Techniques: T1110 - Brute Force