| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1318 - Authenticator Management | ||
| Id | fced5fda-3bdb-4d73-bfea-0e2c80428b66 | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Identification and Authentication control | ||
| Additional metadata |
Name/Id: ACF1318 / Microsoft Managed Control 1318 Category: Identification and Authentication Title: Authenticator Management - Initial Authenticator Content Ownership: Customer, Microsoft Description: The organization manages information system authenticators by: Establishing initial authenticator content for authenticators defined by the organization; Requirements: At the time of initial account creation, Active Directory assigns a unique identification and random temporary password which meets Microsoft Corporate and Azure policy requirements. Active Directory maintains the unique identification associated with the account throughout the life of the account. Account identification is never repeated within Active Directory. After receiving account creation approval from his/her manager, a new user receives an email from MyAccess regarding her or his request. This email has a URL pointer to a uniquely generated page to get a temporary password. This password is randomly generated and may be reset after one (1) day. The initial password generated is in accordance with Azure identity management baseline requirements including complexity and length requirements. After the smart card has been provided to the user, the C+AI Security Smart Card support staff sends an email with an initial PIN for the smart card that needs to be reset. Certain domains are passwordless - the smart card PIN is the authentication method for the account. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|