Detections
Analytics
Application of Weak Password Policies on Users
critical
Language:
Description
Weak password policies directly expose the organization to compromise by permitting easily guessable passwords, leaving critical assets vulnerable to common credential theft techniques like brute-forcing or default password.
Solution
Password policies for user accounts should enforce strong passwords with sufficient length and symbols, adapted to your requirements.
See Also
AD DS: Fine-Grained Password Policies
Configure fine grained password policies for Active Directory Domain Services
Indicator Details
Name: Application of Weak Password Policies on Users
Codename: C-PASSWORD-POLICY
Severity: Critical
Type: Active Directory Indicator of Exposure
Family: Authentication and Credentials
- Tactic: TA0001 - Initial Access
- Techniques: T1078 - Valid Accounts
- Tactic: TA0004 - Privilege Escalation
- Techniques: T1078 - Valid Accounts
- Tactic: TA0006 - Credential Access
- Techniques: T1110 - Brute Force