Password policy does not prevent password reuse

Authentication

Password policy does not prevent password reuse

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

AliCloud CIS
CCM-CSA
CCPA
cis_8
CPRA
Data Security Posture Management (DSPM) Best Practices
essential_8_au
essential_8_au_level_2
HITRUST
ISO/IEC 27001
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
PDPA
UK Cyber Essentials

Description

Password Policy is the set of rules that defines the password a RAM user can choose. A password that has been used in the past may have been compromised in the past, and enlarges the chances to steal the credentials of a RAM user using credential public databases. The cloud account {CloudAccount} was found to have too weak policy.

Recommended Mitigation

Review the password policy and require a password that was not used at the last 5 password changes.

Password policy does not prevent password reuse

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS