Microsoft implements this Identification and Authentication control
Name/Id: ACF1322 / Microsoft Managed Control 1322 Category: Identification and Authentication Title: Authenticator Management - Lifetime Restrictions And Reuse Conditions Ownership: Customer, Microsoft Description: The organization manages information system authenticators by: Establishing minimum and maximum lifetime restrictions and reuse conditions for authenticators; Requirements: Authenticator requirements for domain accounts are the following:
* Enforce password history = 24 passwords remembered
* Maximum password age = 70 days
* Minimum password age = 1 day
These requirements are defined and managed by C+AI Security.For smart cards, PINs are required to be at least four digits. PINs do not currently have maximum lifetimes.
Rule resource types
IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups