Authentication

Password policy doesn’t expire passwords in 90 days

Risk Level

Informational (4)

Platform(s)

Description

It was found that the password policy does not expire in 90 days. By not rotating password every 90 days, the risk of user theft is rising.
  • Recommended Mitigation

    It is recommended to set passwords to expire after 90 days