| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1322 - Authenticator Management | ||
| Id | 9d1d971e-467e-4278-9633-c74c3d4fecc4 | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Identification and Authentication control | ||
| Cloud environments | AzureCloud = true AzureUSGovernment = true AzureChinaCloud = unknown |
||
| Available in AzUSGov | The Policy is available in AzureUSGovernment cloud. Version: '1.0.0' Repository: Azure-Policy 9d1d971e-467e-4278-9633-c74c3d4fecc4 |
||
| Additional metadata |
Name/Id: ACF1322 / Microsoft Managed Control 1322 Category: Identification and Authentication Title: Authenticator Management - Lifetime Restrictions And Reuse Conditions Ownership: Customer, Microsoft Description: The organization manages information system authenticators by: Establishing minimum and maximum lifetime restrictions and reuse conditions for authenticators; Requirements: Authenticator requirements for domain accounts are the following: * Enforce password history = 24 passwords remembered * Maximum password age = 70 days * Minimum password age = 1 day These requirements are defined and managed by C+AI Security.For smart cards, PINs are required to be at least four digits. PINs do not currently have maximum lifetimes. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|