| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes | 
|---|---|---|---|---|---|---|
| EID-PWP-E3 | Password Policy | protect | significant | T1586.003 | Cloud Accounts | Comments: Cloud accounts should have complex and unique passwords across all systems on the network. Passwords and access keys should be rotated regularly. By default, an account is locked out after 10 unsuccessful sign-in attempts with the wrong password. Further incorrect sign-in attempts lock out the user in real time for increasing durations of time. License Requirements: Microsoft Entra ID Free, Microsoft Entra ID P1, or Microsoft Entra ID P2 |
| EID-PWP-E3 | Password Policy | protect | partial | T1110.004 | Credential Stuffing | Comments: A password policy is applied to all user accounts that are created and managed directly in Microsoft Entra ID. By default, an account is locked out after 10 unsuccessful sign-in attempts with the wrong password. Further incorrect sign-in attempts lock out the user in real time for increasing durations of time. License Requirements: Microsoft Entra ID Free, Microsoft Entra ID P1, or Microsoft Entra ID P2 |
| EID-PWP-E3 | Password Policy | protect | partial | T1110.003 | Password Spraying | Comments: A password policy is applied to all user accounts that are created and managed directly in Microsoft Entra ID. By default, an account is locked out after 10 unsuccessful sign-in attempts with the wrong password. Further incorrect sign-in attempts lock out the user in real time for increasing durations of time. License Requirements: Microsoft Entra ID Free, Microsoft Entra ID P1, or Microsoft Entra ID P2 |
| EID-PWP-E3 | Password Policy | protect | partial | T1110.002 | Password Cracking | Comments: A password policy is applied to all user accounts that are created and managed directly in Microsoft Entra ID. By default, an account is locked out after 10 unsuccessful sign-in attempts with the wrong password. Further incorrect sign-in attempts lock out the user in real time for increasing durations of time. License Requirements: Microsoft Entra ID Free, Microsoft Entra ID P1, or Microsoft Entra ID P2 |
| EID-PWP-E3 | Password Policy | protect | significant | T1110.001 | Password Guessing | Comments: A password policy is applied to all user accounts that are created and managed directly in Microsoft Entra ID. By default, an account is locked out after 10 unsuccessful sign-in attempts with the wrong password. Further incorrect sign-in attempts lock out the user in real time for increasing durations of time. License Requirements: Microsoft Entra ID Free, Microsoft Entra ID P1, or Microsoft Entra ID P2 |
| EID-PWP-E3 | Password Policy | protect | significant | T1078 | Valid Accounts | Comments: Accounts should have complex and unique passwords across all systems on the network. Passwords and access keys should be rotated regularly. License Requirements: Microsoft Entra ID Free, Microsoft Entra ID P1, or Microsoft Entra ID P2 |
| EID-PWP-E3 | Password Policy | protect | partial | T1110 | Brute Force | Comments: A password policy is applied to all user accounts that are created and managed directly in Microsoft Entra ID. By default, an account is locked out after 10 unsuccessful sign-in attempts with the wrong password. License Requirements: Microsoft Entra ID Free, Microsoft Entra ID P1, or Microsoft Entra ID P2 |