| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|---|
| EID-PWPR-E3 | Password Protection | protect | partial | T1078 | Valid Accounts |
Comments
Accounts should have complex and unique passwords across all systems on the network. When a password is changed or reset for any user in a Microsoft Entra tenant, the current version of the global banned password list is used to validate the strength of the password. This validation check results in stronger passwords for all Microsoft Entra customers.
License Requirements:
Microsoft Entra ID Free, Microsoft Entra ID P1, or Microsoft Entra ID P2
References
|
| EID-PWPR-E3 | Password Protection | protect | partial | T1110 | Brute Force |
Comments
With Microsoft Entra Password Protection, default global banned password lists are automatically applied to all users in a Microsoft Entra tenant. To support your own business and security needs, you can define entries in a custom banned password list.
When a password is changed or reset for any user in a Microsoft Entra tenant, the current version of the global banned password list is used to validate the strength of the password. This validation check results in stronger passwords for all Microsoft Entra customers.
License Requirements:
Microsoft Entra ID Free, Microsoft Entra ID P1, or Microsoft Entra ID P2
References
|
| EID-PWPR-E3 | Password Protection | protect | partial | T1110 | Brute Force |
Comments
With Microsoft Entra Password Protection, default global banned password lists are automatically applied to all users in a Microsoft Entra tenant. To support your own business and security needs, you can define entries in a custom banned password list.
When a password is changed or reset for any user in a Microsoft Entra tenant, the current version of the global banned password list is used to validate the strength of the password. This validation check results in stronger passwords for all Microsoft Entra customers.
License Requirements:
Microsoft Entra ID Free, Microsoft Entra ID P1, or Microsoft Entra ID P2
References
|
| EID-PWPR-E3 | Password Protection | protect | partial | T1110.001 | Password Guessing |
Comments
Microsoft Entra Password Protection efficiently blocks known weak passwords likely to be used in password guessing attacks.
License Requirements:
Microsoft Entra ID Free, Microsoft Entra ID P1, or Microsoft Entra ID P2
References
|
| EID-PWPR-E3 | Password Protection | protect | partial | T1110.002 | Password Cracking |
Comments
Microsoft Entra Password Protection efficiently blocks known weak passwords likely to be used in password cracking attacks.
License Requirements:
Microsoft Entra ID Free, Microsoft Entra ID P1, or Microsoft Entra ID P2
References
|
| EID-PWPR-E3 | Password Protection | protect | partial | T1110.003 | Password Spraying |
Comments
Microsoft Entra Password Protection efficiently blocks known weak passwords likely to be used in password spray attacks.
License Requirements:
Microsoft Entra ID Free, Microsoft Entra ID P1, or Microsoft Entra ID P2
References
|
| EID-PWPR-E3 | Password Protection | protect | partial | T1110.003 | Password Spraying |
Comments
Microsoft Entra Password Protection efficiently blocks known weak passwords likely to be used in password spray attacks.
License Requirements:
Microsoft Entra ID Free, Microsoft Entra ID P1, or Microsoft Entra ID P2
References
|
| EID-PWPR-E3 | Password Protection | protect | partial | T1110.004 | Credential Stuffing |
Comments
With Microsoft Entra Password Protection, you can define entries in a custom banned password list. When a password is changed or reset for any user in a Microsoft Entra tenant, the current version of the global banned password list is used to validate the strength of the password. This validation check results in stronger passwords for all Microsoft Entra customers.
License Requirements:
Microsoft Entra ID Free, Microsoft Entra ID P1, or Microsoft Entra ID P2
References
|
| EID-PWPR-E3 | Password Protection | protect | partial | T1110.004 | Credential Stuffing |
Comments
With Microsoft Entra Password Protection, you can define entries in a custom banned password list. When a password is changed or reset for any user in a Microsoft Entra tenant, the current version of the global banned password list is used to validate the strength of the password. This validation check results in stronger passwords for all Microsoft Entra customers.
License Requirements:
Microsoft Entra ID Free, Microsoft Entra ID P1, or Microsoft Entra ID P2
References
|
| EID-PWPR-E3 | Password Protection | protect | partial | T1586.003 | Cloud Accounts |
Comments
Cloud accounts should have complex and unique passwords across all systems on the network. When a password is changed or reset for any user in a Microsoft Entra tenant, the current version of the global banned password list is used to validate the strength of the password. This validation check results in stronger passwords for all Microsoft Entra customers.
License Requirements:
Microsoft Entra ID Free, Microsoft Entra ID P1, or Microsoft Entra ID P2
References
|