Application of Weak Password Policies on Users

critical

Description

Weak password policies increase the risk of users creating weak passwords that could allow attackers to steal easily through generic techniques such as brute force attacks, authentication challenge theft, etc.

Solution

Password policies for user accounts should enforce strong passwords using more than 7 characters and symbols.

See Also

AD DS: Fine-Grained Password Policies

Configuring Password Policies

Indicator Details

Name: Application of Weak Password Policies on Users

Codename: C-PASSWORD-POLICY

Severity: Critical

MITRE ATT&CK Information: