Source | Azure Portal | ||||||||||||||||||||||
Display name | Microsoft Managed Control 1328 - Authenticator Management | Password-Based Authentication | ||||||||||||||||||||||
Id | f5c66fdc-3d02-4034-9db5-ba57802609de | ||||||||||||||||||||||
Version | 1.0.0 Details on versioning |
||||||||||||||||||||||
Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||||||||||||||||||||||
Category | Regulatory Compliance Microsoft Learn |
||||||||||||||||||||||
Description | Microsoft implements this Identification and Authentication control | ||||||||||||||||||||||
Cloud environments | AzureCloud = true AzureUSGovernment = true AzureChinaCloud = unknown |
||||||||||||||||||||||
Available in AzUSGov | The Policy is available in AzureUSGovernment cloud. Version: '1.0.0' Repository: Azure-Policy f5c66fdc-3d02-4034-9db5-ba57802609de |
||||||||||||||||||||||
Additional metadata |
Name/Id: ACF1328 / Microsoft Managed Control 1328 Category: Identification and Authentication Title: Authenticator Management | Password-Based Authentication - Changed Character Count Ownership: Customer, Microsoft Description: The information system, for password-based authentication: Enforces at least the following number of changed characters when new passwords are created: 1 character; Requirements: Where passwords exist, Azure enforces at least a one-character change when new passwords are created. Due to system limitations, Azure does not enforce a fifty percent (50%) change requirement in every new password. Azure implements strong password complexity, password expiration, password history, account lockout, and minimum password length to provide mitigation to the risks of not meeting this requirement. Additionally, the use of multifactor authentication via smart cards required at all authentication points provides strong security controls against credential guessing attacks. Azure considers these mitigating factors sufficient to address the incremental risk between Azure the required values for the number of changed characters. |
||||||||||||||||||||||
Mode | Indexed | ||||||||||||||||||||||
Type | Static | ||||||||||||||||||||||
Preview | False | ||||||||||||||||||||||
Deprecated | False | ||||||||||||||||||||||
Effect | Fixed audit |
||||||||||||||||||||||
RBAC role(s) | none | ||||||||||||||||||||||
Rule aliases | none | ||||||||||||||||||||||
Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||||||||||||||||||||||
Compliance |
The following 1 compliance controls are associated with this Policy definition 'Microsoft Managed Control 1328 - Authenticator Management | Password-Based Authentication' (f5c66fdc-3d02-4034-9db5-ba57802609de)
| ||||||||||||||||||||||
Initiatives usage |
|
||||||||||||||||||||||
History | none | ||||||||||||||||||||||
JSON compare | n/a | ||||||||||||||||||||||
JSON |
|