Description
- Type: CUSTOMER
- Severity: WARNING
- Protection against: Hacking
- FIX Available: YES
This Customer Check verifies whether users and administrators receive a notification when their password is changed.
Why this check?
Password changes are generally not alarming events. However, if a password is changed without the employee in question being aware of it, this could indicate a hack. By enabling these notifications, the person best positioned to assess whether the change is legitimate is informed as quickly as possible to take further action.
What possible outcomes does the check have?
There are two options: the functionality is either enabled or not. In Attic, this is reflected as follows:
- Okay: notifications for password changes are ON
- Warning: notifications for password changes are OFF
How should this be followed up?
If the check results in an output of Warning, we advise enabling notifications for password changes.
A Fix is available for this check, which we will offer via Attic.
Comments
0 comments
Please sign in to leave a comment.