Description
- Type: CUSTOMER
- Severity: WARNING
- Protection against: HACKING
- CIS: M365 1.5 - (L1) Ensure that Office 365 Passwords Are Not Set to Expire
- Fix Available: YES
This Customer Check verifies via Secure Score whether passwords are set to expire automatically.
Why this check?
Since 2016, the global recommendation, proposed by NIST, has been not to have passwords expire automatically after a certain period. The rationale is that expiring passwords lead to the use of insecure passwords: experience shows that people tend to choose sequences. Instead, the advice is to choose long passwords, not to reuse passwords across different services, and to use multi-factor authentication (MFA) as much as possible.
CIS Benchmarks
This measure aligns with the following item from the Center for Internet Security (CIS) Microsoft 365 Foundations Benchmark:
- CIS M365 1.5 - (L1) Ensure that Office 365 Passwords Are Not Set to Expire
What are the possible outcomes of the check?
This check has two possible outcomes. In Attic, this is reflected as follows:
- Okay: Password expiry is disabled
- Warning: Password expiry is enabled
How should this be followed up?
If the output is Warning, we advise disabling password expiry and following the other password-related recommendations.
A Fix is available for this check, which we will offer via Attic.
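To read the same setting directly from the tenant, the following added example (not part of Attic or of the original page) maps each domain's password validity period to the two outcomes described above. It assumes the Microsoft Graph PowerShell SDK, where a domain's PasswordValidityPeriodInDays of 2147483647 means passwords never expire and an unset value falls back to 90 days; the function name and the sample domains are constructed for illustration.

```powershell
# Added example: classify domain password-expiry settings as Okay / Warning.
function Get-PasswordExpiryStatus {   # hypothetical helper name
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [object]$Domain
    )
    process {
        # Assumption: 2147483647 is the "never expire" value for a domain.
        $neverExpire = 2147483647
        $days = $Domain.PasswordValidityPeriodInDays
        # Assumption: an unset value means the service default of 90 days applies.
        $effective = if ($null -eq $days) { 90 } else { $days }
        $status = if ($effective -eq $neverExpire) { 'Okay' } else { 'Warning' }
        [pscustomobject]@{
            Domain       = $Domain.Id
            ValidityDays = $effective
            Status       = $status
        }
    }
}

# Constructed sample objects using the property names Get-MgDomain returns.
$sample = @(
    [pscustomobject]@{ Id = 'contoso.example';  PasswordValidityPeriodInDays = 2147483647 }
    [pscustomobject]@{ Id = 'fabrikam.example'; PasswordValidityPeriodInDays = 90 }
    [pscustomobject]@{ Id = 'tailspin.example'; PasswordValidityPeriodInDays = $null }
)

$results = $sample | Get-PasswordExpiryStatus
$results | Format-Table -AutoSize

# Overall outcome: Warning as soon as one domain still expires passwords.
$overall = if ($results.Status -contains 'Warning') { 'Warning' } else { 'Okay' }
"Overall: $overall"

# Against a live tenant (read-only scope):
#   Connect-MgGraph -Scopes 'Domain.Read.All'
#   Get-MgDomain | Get-PasswordExpiryStatus
# Disabling expiry for one domain (needs Domain.ReadWrite.All):
#   Update-MgDomain -DomainId '<domain>' -PasswordValidityPeriodInDays 2147483647
```

With the sample data, the first domain is reported as Okay and the other two as Warning, so the overall outcome is Warning.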