Password policy does not require lowercase letter

Authentication

Password policy does not require lowercase letter

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

AliCloud CIS
CCM-CSA
CCPA
cis_8
CPRA
Data Security Posture Management (DSPM) Best Practices
essential_8_au
essential_8_au_level_2
HITRUST
ISO/IEC 27001
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
PDPA
UK Cyber Essentials

Description

Password Policy is the set of rules that defines the password a RAM user can choose. A weak password enlarges the chances to steal the credentials of a RAM user using methodologies such as Brute Force attacks. The cloud account {CloudAccount} was found to have too weak policy.

Recommended Mitigation

Review the password policy and require at least one lowercase letter.

Password policy does not require lowercase letter

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS