| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1323 - Authenticator Management | ||
| Id | abe8f70b-680f-470c-9b86-a7edfb664ecc | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Identification and Authentication control | ||
| Additional metadata |
Name/Id: ACF1323 / Microsoft Managed Control 1323 Category: Identification and Authentication Title: Authenticator Management - Forced Change Frequency Ownership: Customer, Microsoft Description: The organization manages information system authenticators by: Changing/refreshing authenticators 70 days; Requirements: Passwords must be changed every seventy (70) days. This is defined within Identity Management Baseline. This is enforced through Azure Active Directory domain policy settings. Azure considers the incremental risk between 70-day password resets and 60-day password reset values to be minimal. Azure implements strong password complexity, password expiration, password history, account lockout, and minimum password length per Microsoft Security Standards. Additionally, the use of multifactor authentication further provides strong security controls against credential guessing attacks. Azure considers these mitigating factors sufficient to address the incremental risk between Azure and the required values for password expiration. For smart cards, PINs are required to be at least four digits. PINs do not currently have maximum lifetimes. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|