last sync: 2024-Feb-21 20:03:25 UTC

Microsoft Managed Control 1322 - Authenticator Management | Regulatory Compliance - Identification and Authentication

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1322 - Authenticator Management
Id 9d1d971e-467e-4278-9633-c74c3d4fecc4
Version 1.0.0
Details on versioning
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this Identification and Authentication control
Additional metadata Name/Id: ACF1322 / Microsoft Managed Control 1322
Category: Identification and Authentication
Title: Authenticator Management - Lifetime Restrictions And Reuse Conditions
Ownership: Customer, Microsoft
Description: The organization manages information system authenticators by: Establishing minimum and maximum lifetime restrictions and reuse conditions for authenticators;
Requirements: Authenticator requirements for domain accounts are the following: * Enforce password history = 24 passwords remembered * Maximum password age = 70 days * Minimum password age = 1 day These requirements are defined and managed by C+AI Security.For smart cards, PINs are required to be at least four digits. PINs do not currently have maximum lifetimes.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups
Compliance Not a Compliance control
Initiatives usage none
History none
JSON compare n/a
JSON
api-version=2021-06-01
EPAC