
Password Policies, Mitigation M1027 - Enterprise | MITRE ATT&CK®

<!DOCTYPE html> <html lang='en'> <head> <meta charset='utf-8'> <meta name='viewport' content='width=device-width, initial-scale=1, shrink-to-fit=no'> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <link rel='shortcut icon' href="/versions/v9/theme/favicon.ico" type='image/x-icon'> <title>Password Policies, Mitigation M1027 - Enterprise | MITRE ATT&CK&reg;</title> <!-- Bootstrap CSS --> <link rel='stylesheet' href="/versions/v9/theme/style/bootstrap.min.css" /> <link rel='stylesheet' href="/versions/v9/theme/style/bootstrap-glyphicon.min.css" /> <link rel='stylesheet' href="/versions/v9/theme/style/bootstrap-tourist.css" /> <link rel="stylesheet" type="text/css" href="/versions/v9/theme/style.min.css?426cc53a"> </head> <body> <!--stopindex--> <!-- don't edit or remove the line below even though it's commented out, it gets parsed and replaced by the versioning feature --> <div class="container-fluid version-banner"><div class="icon-inline baseline mr-1"><img src="/versions/v9/theme/images/icon-warning-24px.svg"></div>Currently viewing <a href="https://github.com/mitre/cti/releases/tag/ATT%26CK-v9.0" target="_blank">ATT&CK v9.0</a> which was live between April 29, 2021 and October 20, 2021.
<a href="/resources/versions/">Learn more about the versioning system</a> or <a href="/">see the live site</a>.</div> <div id='content' class="maincontent"> <!--start-indexing-for-search--> <div class='container-fluid h-100'> <div class='row h-100'> <div class="nav flex-column col-xl-2 col-lg-3 col-md-3 sidebar nav pt-5 pb-3 pl-3 border-right" id="v-tab" role="tablist" aria-orientation="vertical"> <!--stop-indexing-for-search--> <div class="group-nav-desktop-view"> <span class="heading" id="v-home-tab" aria-selected="false">MITIGATIONS</span> <div class="sidenav"> <div class="sidenav-head " id="enterprise"> <a href="/versions/v9/mitigations/enterprise/"> Enterprise </a> <div class="expand-button collapsed" id="enterprise-header" data-toggle="collapse" data-target="#enterprise-body" aria-expanded="false" aria-controls="#enterprise-body"></div> </div> <div class="sidenav-body collapse" id="enterprise-body" aria-labelledby="enterprise-header"> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Account Use Policies"> <a href="/versions/v9/mitigations/M1036/"> Account Use Policies </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Active Directory Configuration"> <a href="/versions/v9/mitigations/M1015/"> Active Directory Configuration </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Antivirus/Antimalware"> <a href="/versions/v9/mitigations/M1049/"> Antivirus/Antimalware </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Application Developer Guidance"> <a href="/versions/v9/mitigations/M1013/"> Application Developer Guidance </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Application Isolation and Sandboxing"> <a href="/versions/v9/mitigations/M1048/"> Application Isolation and Sandboxing </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Audit"> <a href="/versions/v9/mitigations/M1047/"> Audit </a> 
</div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Behavior Prevention on Endpoint"> <a href="/versions/v9/mitigations/M1040/"> Behavior Prevention on Endpoint </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Boot Integrity"> <a href="/versions/v9/mitigations/M1046/"> Boot Integrity </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Code Signing"> <a href="/versions/v9/mitigations/M1045/"> Code Signing </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Credential Access Protection"> <a href="/versions/v9/mitigations/M1043/"> Credential Access Protection </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Data Backup"> <a href="/versions/v9/mitigations/M1053/"> Data Backup </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Disable or Remove Feature or Program"> <a href="/versions/v9/mitigations/M1042/"> Disable or Remove Feature or Program </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Do Not Mitigate"> <a href="/versions/v9/mitigations/M1055/"> Do Not Mitigate </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Encrypt Sensitive Information"> <a href="/versions/v9/mitigations/M1041/"> Encrypt Sensitive Information </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Environment Variable Permissions"> <a href="/versions/v9/mitigations/M1039/"> Environment Variable Permissions </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Execution Prevention"> <a href="/versions/v9/mitigations/M1038/"> Execution Prevention </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Exploit Protection"> <a href="/versions/v9/mitigations/M1050/"> Exploit Protection </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Filter 
Network Traffic"> <a href="/versions/v9/mitigations/M1037/"> Filter Network Traffic </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Limit Access to Resource Over Network"> <a href="/versions/v9/mitigations/M1035/"> Limit Access to Resource Over Network </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Limit Hardware Installation"> <a href="/versions/v9/mitigations/M1034/"> Limit Hardware Installation </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Limit Software Installation"> <a href="/versions/v9/mitigations/M1033/"> Limit Software Installation </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Multi-factor Authentication"> <a href="/versions/v9/mitigations/M1032/"> Multi-factor Authentication </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Network Intrusion Prevention"> <a href="/versions/v9/mitigations/M1031/"> Network Intrusion Prevention </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Network Segmentation"> <a href="/versions/v9/mitigations/M1030/"> Network Segmentation </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Operating System Configuration"> <a href="/versions/v9/mitigations/M1028/"> Operating System Configuration </a> </div> </div> <div class="sidenav"> <div class="sidenav-head active" id="enterprise-Password Policies"> <a href="/versions/v9/mitigations/M1027/"> Password Policies </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Pre-compromise"> <a href="/versions/v9/mitigations/M1056/"> Pre-compromise </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Privileged Account Management"> <a href="/versions/v9/mitigations/M1026/"> Privileged Account Management </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Privileged Process 
Integrity"> <a href="/versions/v9/mitigations/M1025/"> Privileged Process Integrity </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Remote Data Storage"> <a href="/versions/v9/mitigations/M1029/"> Remote Data Storage </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Restrict File and Directory Permissions"> <a href="/versions/v9/mitigations/M1022/"> Restrict File and Directory Permissions </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Restrict Library Loading"> <a href="/versions/v9/mitigations/M1044/"> Restrict Library Loading </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Restrict Registry Permissions"> <a href="/versions/v9/mitigations/M1024/"> Restrict Registry Permissions </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Restrict Web-Based Content"> <a href="/versions/v9/mitigations/M1021/"> Restrict Web-Based Content </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Software Configuration"> <a href="/versions/v9/mitigations/M1054/"> Software Configuration </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-SSL/TLS Inspection"> <a href="/versions/v9/mitigations/M1020/"> SSL/TLS Inspection </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Threat Intelligence Program"> <a href="/versions/v9/mitigations/M1019/"> Threat Intelligence Program </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Update Software"> <a href="/versions/v9/mitigations/M1051/"> Update Software </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-User Account Control"> <a href="/versions/v9/mitigations/M1052/"> User Account Control </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-User Account Management"> <a 
href="/versions/v9/mitigations/M1018/"> User Account Management </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-User Training"> <a href="/versions/v9/mitigations/M1017/"> User Training </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="enterprise-Vulnerability Scanning"> <a href="/versions/v9/mitigations/M1016/"> Vulnerability Scanning </a> </div> </div> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="mobile"> <a href="/versions/v9/mitigations/mobile/"> Mobile </a> <div class="expand-button collapsed" id="mobile-header" data-toggle="collapse" data-target="#mobile-body" aria-expanded="false" aria-controls="#mobile-body"></div> </div> <div class="sidenav-body collapse" id="mobile-body" aria-labelledby="mobile-header"> <div class="sidenav"> <div class="sidenav-head" id="mobile-Application Developer Guidance"> <a href="/versions/v9/mitigations/M1013/"> Application Developer Guidance </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="mobile-Application Vetting"> <a href="/versions/v9/mitigations/M1005/"> Application Vetting </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="mobile-Attestation"> <a href="/versions/v9/mitigations/M1002/"> Attestation </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="mobile-Caution with Device Administrator Access"> <a href="/versions/v9/mitigations/M1007/"> Caution with Device Administrator Access </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="mobile-Deploy Compromised Device Detection Method"> <a href="/versions/v9/mitigations/M1010/"> Deploy Compromised Device Detection Method </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="mobile-Encrypt Network Traffic"> <a href="/versions/v9/mitigations/M1009/"> Encrypt Network Traffic </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="mobile-Enterprise Policy"> <a 
href="/versions/v9/mitigations/M1012/"> Enterprise Policy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="mobile-Interconnection Filtering"> <a href="/versions/v9/mitigations/M1014/"> Interconnection Filtering </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="mobile-Lock Bootloader"> <a href="/versions/v9/mitigations/M1003/"> Lock Bootloader </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="mobile-Security Updates"> <a href="/versions/v9/mitigations/M1001/"> Security Updates </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="mobile-System Partition Integrity"> <a href="/versions/v9/mitigations/M1004/"> System Partition Integrity </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="mobile-Use Recent OS Version"> <a href="/versions/v9/mitigations/M1006/"> Use Recent OS Version </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="mobile-User Guidance"> <a href="/versions/v9/mitigations/M1011/"> User Guidance </a> </div> </div> </div> </div> </div> <div class="group-nav-mobile-view"> <span class="heading" id="v-home-tab" aria-selected="false">MITIGATIONS</span> <div class="sidenav"> <div class="sidenav-head " id="Enterprise"> <a href="/versions/v9/mitigations/enterprise/"> Enterprise </a> <div class="expand-button collapsed" id="Enterprise-header" data-toggle="collapse" data-target="#Enterprise-body" aria-expanded="false" aria-controls="#Enterprise-body"></div> </div> <div class="sidenav-body collapse" id="Enterprise-body" aria-labelledby="Enterprise-header"> <div class="sidenav"> <div class="sidenav-head " id="Enterprise-cb3a2d149de84665b6c40f9e1f2c28b4"> <span>A-C</span> <div class="expand-button collapsed" id="Enterprise-cb3a2d149de84665b6c40f9e1f2c28b4-header" data-toggle="collapse" data-target="#Enterprise-cb3a2d149de84665b6c40f9e1f2c28b4-body" aria-expanded="false" aria-controls="#Enterprise-cb3a2d149de84665b6c40f9e1f2c28b4-body"></div> </div> 
<div class="sidenav-body collapse" id="Enterprise-cb3a2d149de84665b6c40f9e1f2c28b4-body" aria-labelledby="Enterprise-cb3a2d149de84665b6c40f9e1f2c28b4-header"> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-cb3a2d149de84665b6c40f9e1f2c28b4-b26518ef7e3e4a4f9b20008ff4552b4f"> <a href="/versions/v9/mitigations/M1036/"> Account Use Policies </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-cb3a2d149de84665b6c40f9e1f2c28b4-a6c6636f696a44f9aae5832a7fbe3561"> <a href="/versions/v9/mitigations/M1015/"> Active Directory Configuration </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-cb3a2d149de84665b6c40f9e1f2c28b4-37df1053fe4249da8e26fda6d3af360a"> <a href="/versions/v9/mitigations/M1049/"> Antivirus/Antimalware </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-cb3a2d149de84665b6c40f9e1f2c28b4-4e1d87f8cc704be9aeccda5a2f410f7d"> <a href="/versions/v9/mitigations/M1013/"> Application Developer Guidance </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-cb3a2d149de84665b6c40f9e1f2c28b4-8796437fde6c45ac974cfadd24dfdb9f"> <a href="/versions/v9/mitigations/M1048/"> Application Isolation and Sandboxing </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-cb3a2d149de84665b6c40f9e1f2c28b4-89f7ccb4a1b74278ba05f5f593362a29"> <a href="/versions/v9/mitigations/M1047/"> Audit </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-cb3a2d149de84665b6c40f9e1f2c28b4-365044f73a824ba09883a5a45a63e2b3"> <a href="/versions/v9/mitigations/M1040/"> Behavior Prevention on Endpoint </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-cb3a2d149de84665b6c40f9e1f2c28b4-ebb4492d17604eaaa9add543e60731cc"> <a href="/versions/v9/mitigations/M1046/"> Boot Integrity </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" 
id="Enterprise-cb3a2d149de84665b6c40f9e1f2c28b4-9bd049c3724c47a9be5fdf660067e611"> <a href="/versions/v9/mitigations/M1045/"> Code Signing </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-cb3a2d149de84665b6c40f9e1f2c28b4-3be96c06f27048468fcfbc4fb5564ba6"> <a href="/versions/v9/mitigations/M1043/"> Credential Access Protection </a> </div> </div> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Enterprise-13809a781f2244fdb72f26b0759b6e9b"> <span>D-F</span> <div class="expand-button collapsed" id="Enterprise-13809a781f2244fdb72f26b0759b6e9b-header" data-toggle="collapse" data-target="#Enterprise-13809a781f2244fdb72f26b0759b6e9b-body" aria-expanded="false" aria-controls="#Enterprise-13809a781f2244fdb72f26b0759b6e9b-body"></div> </div> <div class="sidenav-body collapse" id="Enterprise-13809a781f2244fdb72f26b0759b6e9b-body" aria-labelledby="Enterprise-13809a781f2244fdb72f26b0759b6e9b-header"> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-13809a781f2244fdb72f26b0759b6e9b-6748c5d27b3f40fcbb68dfe2a35956b0"> <a href="/versions/v9/mitigations/M1053/"> Data Backup </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-13809a781f2244fdb72f26b0759b6e9b-522db8f7d58643028c598b768f0045c9"> <a href="/versions/v9/mitigations/M1042/"> Disable or Remove Feature or Program </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-13809a781f2244fdb72f26b0759b6e9b-842722f6ecdf43c9b549bf7008fec5a7"> <a href="/versions/v9/mitigations/M1055/"> Do Not Mitigate </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-13809a781f2244fdb72f26b0759b6e9b-97750d5dd29045bfb1c73540916440d7"> <a href="/versions/v9/mitigations/M1041/"> Encrypt Sensitive Information </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-13809a781f2244fdb72f26b0759b6e9b-b9ade68745914394be98ee1ff35fe33a"> <a href="/versions/v9/mitigations/M1039/"> 
Environment Variable Permissions </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-13809a781f2244fdb72f26b0759b6e9b-b5925658ce4047448ddb2b647a76b94a"> <a href="/versions/v9/mitigations/M1038/"> Execution Prevention </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-13809a781f2244fdb72f26b0759b6e9b-73a9ee406d59460f922f2b02ccf042e8"> <a href="/versions/v9/mitigations/M1050/"> Exploit Protection </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-13809a781f2244fdb72f26b0759b6e9b-84971b1e0bdb427a82b1c51cd996cc93"> <a href="/versions/v9/mitigations/M1037/"> Filter Network Traffic </a> </div> </div> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Enterprise-fe29ba6e13b846c1a0d811eab685bab0"> <span>G-I</span> <div class="expand-button collapsed" id="Enterprise-fe29ba6e13b846c1a0d811eab685bab0-header" data-toggle="collapse" data-target="#Enterprise-fe29ba6e13b846c1a0d811eab685bab0-body" aria-expanded="false" aria-controls="#Enterprise-fe29ba6e13b846c1a0d811eab685bab0-body"></div> </div> <div class="sidenav-body collapse" id="Enterprise-fe29ba6e13b846c1a0d811eab685bab0-body" aria-labelledby="Enterprise-fe29ba6e13b846c1a0d811eab685bab0-header"> <div class="sidenav"> <span>No mitigations</span> </div> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Enterprise-3ca1ed2178404000a56c368cceb4cd3f"> <span>J-L</span> <div class="expand-button collapsed" id="Enterprise-3ca1ed2178404000a56c368cceb4cd3f-header" data-toggle="collapse" data-target="#Enterprise-3ca1ed2178404000a56c368cceb4cd3f-body" aria-expanded="false" aria-controls="#Enterprise-3ca1ed2178404000a56c368cceb4cd3f-body"></div> </div> <div class="sidenav-body collapse" id="Enterprise-3ca1ed2178404000a56c368cceb4cd3f-body" aria-labelledby="Enterprise-3ca1ed2178404000a56c368cceb4cd3f-header"> <div class="sidenav"> <div class="sidenav-head" 
id="Enterprise-3ca1ed2178404000a56c368cceb4cd3f-3c3cb0b0e2e94c8d9e62ff223695bb48"> <a href="/versions/v9/mitigations/M1035/"> Limit Access to Resource Over Network </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-3ca1ed2178404000a56c368cceb4cd3f-4827eac17f2448c2848b95ca6f6d942e"> <a href="/versions/v9/mitigations/M1034/"> Limit Hardware Installation </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-3ca1ed2178404000a56c368cceb4cd3f-1956f373b40344f3802c2dbccd4ee1f4"> <a href="/versions/v9/mitigations/M1033/"> Limit Software Installation </a> </div> </div> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Enterprise-ec73c64f1b7e4c70b469615970d4a045"> <span>M-O</span> <div class="expand-button collapsed" id="Enterprise-ec73c64f1b7e4c70b469615970d4a045-header" data-toggle="collapse" data-target="#Enterprise-ec73c64f1b7e4c70b469615970d4a045-body" aria-expanded="false" aria-controls="#Enterprise-ec73c64f1b7e4c70b469615970d4a045-body"></div> </div> <div class="sidenav-body collapse" id="Enterprise-ec73c64f1b7e4c70b469615970d4a045-body" aria-labelledby="Enterprise-ec73c64f1b7e4c70b469615970d4a045-header"> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-ec73c64f1b7e4c70b469615970d4a045-fcf338ca00264971bde3a73571e6e956"> <a href="/versions/v9/mitigations/M1032/"> Multi-factor Authentication </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-ec73c64f1b7e4c70b469615970d4a045-2965ef908b02496b92af99dcb1f61ac3"> <a href="/versions/v9/mitigations/M1031/"> Network Intrusion Prevention </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-ec73c64f1b7e4c70b469615970d4a045-f21a43b85e644ae4b0bd01352b14edb9"> <a href="/versions/v9/mitigations/M1030/"> Network Segmentation </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-ec73c64f1b7e4c70b469615970d4a045-9f0b4d356a0b42f3a8387c293481dff7"> <a 
href="/versions/v9/mitigations/M1028/"> Operating System Configuration </a> </div> </div> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Enterprise-e848f5054baf4d6e9e5134b879536c3e"> <span>P-R</span> <div class="expand-button collapsed" id="Enterprise-e848f5054baf4d6e9e5134b879536c3e-header" data-toggle="collapse" data-target="#Enterprise-e848f5054baf4d6e9e5134b879536c3e-body" aria-expanded="false" aria-controls="#Enterprise-e848f5054baf4d6e9e5134b879536c3e-body"></div> </div> <div class="sidenav-body collapse" id="Enterprise-e848f5054baf4d6e9e5134b879536c3e-body" aria-labelledby="Enterprise-e848f5054baf4d6e9e5134b879536c3e-header"> <div class="sidenav"> <div class="sidenav-head active" id="Enterprise-e848f5054baf4d6e9e5134b879536c3e-a093bbda18e14d76ae0d7a722e1aa49c"> <a href="/versions/v9/mitigations/M1027/"> Password Policies </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-e848f5054baf4d6e9e5134b879536c3e-c0591b37c51e4e74935af30ba017b0a4"> <a href="/versions/v9/mitigations/M1056/"> Pre-compromise </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-e848f5054baf4d6e9e5134b879536c3e-21bda95641f041c0a603eb81526f944e"> <a href="/versions/v9/mitigations/M1026/"> Privileged Account Management </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-e848f5054baf4d6e9e5134b879536c3e-a70b7eae4b5f4a808fa657022cf89c5c"> <a href="/versions/v9/mitigations/M1025/"> Privileged Process Integrity </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-e848f5054baf4d6e9e5134b879536c3e-5aec17da01c945cebda1616cc777d435"> <a href="/versions/v9/mitigations/M1029/"> Remote Data Storage </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-e848f5054baf4d6e9e5134b879536c3e-1c832cabff694d17b2044658ba6d1fb4"> <a href="/versions/v9/mitigations/M1022/"> Restrict File and Directory Permissions </a> </div> </div> <div class="sidenav"> 
<div class="sidenav-head" id="Enterprise-e848f5054baf4d6e9e5134b879536c3e-48dc881e58b44cd3af337ff140242d50"> <a href="/versions/v9/mitigations/M1044/"> Restrict Library Loading </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-e848f5054baf4d6e9e5134b879536c3e-e8f57982a56f4c5193ab543d4b37f7f6"> <a href="/versions/v9/mitigations/M1024/"> Restrict Registry Permissions </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-e848f5054baf4d6e9e5134b879536c3e-cbf376d65b604634bc1e21efbff80910"> <a href="/versions/v9/mitigations/M1021/"> Restrict Web-Based Content </a> </div> </div> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Enterprise-17d3e8f462f84419b88db26ec4991e4e"> <span>S-U</span> <div class="expand-button collapsed" id="Enterprise-17d3e8f462f84419b88db26ec4991e4e-header" data-toggle="collapse" data-target="#Enterprise-17d3e8f462f84419b88db26ec4991e4e-body" aria-expanded="false" aria-controls="#Enterprise-17d3e8f462f84419b88db26ec4991e4e-body"></div> </div> <div class="sidenav-body collapse" id="Enterprise-17d3e8f462f84419b88db26ec4991e4e-body" aria-labelledby="Enterprise-17d3e8f462f84419b88db26ec4991e4e-header"> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-17d3e8f462f84419b88db26ec4991e4e-49b9c49c65e04687bf4cbc442218cb8c"> <a href="/versions/v9/mitigations/M1054/"> Software Configuration </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-17d3e8f462f84419b88db26ec4991e4e-b6497cb5fcf649c7b844a0aff1d57d36"> <a href="/versions/v9/mitigations/M1020/"> SSL/TLS Inspection </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-17d3e8f462f84419b88db26ec4991e4e-b99e55cc47ae477abbc13165c911bac6"> <a href="/versions/v9/mitigations/M1019/"> Threat Intelligence Program </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-17d3e8f462f84419b88db26ec4991e4e-c8e7863ca22d42a5bea3629e9ba52966"> <a 
href="/versions/v9/mitigations/M1051/"> Update Software </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-17d3e8f462f84419b88db26ec4991e4e-df2acab411ec44f9be382802b027bccb"> <a href="/versions/v9/mitigations/M1052/"> User Account Control </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-17d3e8f462f84419b88db26ec4991e4e-f33c4d4d715b4e9fa4d8022cabdaaca4"> <a href="/versions/v9/mitigations/M1018/"> User Account Management </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-17d3e8f462f84419b88db26ec4991e4e-4f145dcaa08b4ddeab3a42a423a863ca"> <a href="/versions/v9/mitigations/M1017/"> User Training </a> </div> </div> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Enterprise-b03d09f5250a4307b0976fdcfab12f70"> <span>V-X</span> <div class="expand-button collapsed" id="Enterprise-b03d09f5250a4307b0976fdcfab12f70-header" data-toggle="collapse" data-target="#Enterprise-b03d09f5250a4307b0976fdcfab12f70-body" aria-expanded="false" aria-controls="#Enterprise-b03d09f5250a4307b0976fdcfab12f70-body"></div> </div> <div class="sidenav-body collapse" id="Enterprise-b03d09f5250a4307b0976fdcfab12f70-body" aria-labelledby="Enterprise-b03d09f5250a4307b0976fdcfab12f70-header"> <div class="sidenav"> <div class="sidenav-head" id="Enterprise-b03d09f5250a4307b0976fdcfab12f70-16754c6fa0b4455c9c1bf2f1b2938e42"> <a href="/versions/v9/mitigations/M1016/"> Vulnerability Scanning </a> </div> </div> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Enterprise-3aedccf4b4014865899b01c6b7d95d81"> <span>Y-Z</span> <div class="expand-button collapsed" id="Enterprise-3aedccf4b4014865899b01c6b7d95d81-header" data-toggle="collapse" data-target="#Enterprise-3aedccf4b4014865899b01c6b7d95d81-body" aria-expanded="false" aria-controls="#Enterprise-3aedccf4b4014865899b01c6b7d95d81-body"></div> </div> <div class="sidenav-body collapse" 
id="Enterprise-3aedccf4b4014865899b01c6b7d95d81-body" aria-labelledby="Enterprise-3aedccf4b4014865899b01c6b7d95d81-header"> <div class="sidenav"> <span>No mitigations</span> </div> </div> </div> </div> </div> </div> <!--start-indexing-for-search--> </div> <div class="tab-content col-xl-10 col-lg-9 col-md-9 pt-4" id="v-tabContent"> <div class="tab-pane fade show active" id="v-attckmatrix" role="tabpanel" aria-labelledby="v-attckmatrix-tab"> <div class="tab-pane fade show active" id="v-" role="tabpanel" aria-labelledby="v--tab"></div> <div class="row"> <div class="col-xl-12"> <div class="jumbotron jumbotron-fluid"> <div class="container-fluid"> <h1> Password Policies </h1> <div class="row"> <div class="col-md-8"> <div class="description-body"> <p>Set and enforce secure password policies for accounts.</p> </div> </div> <div class="col-md-4"> <div class="card"> <div class="card-body"> <div class="card-data"><span class="h5 card-title">ID:</span> M1027</div> <div class="card-data"><span class="h5 card-title">Version:</span> 1.0</div> <div class="card-data"><span class="h5 card-title">Created:&nbsp;</span>06 June 2019</div> <div class="card-data"><span class="h5 card-title">Last Modified:&nbsp;</span>06 June 2019</div> </div> </div> </div> </div> <h2 class="pt-3" id="techniques">Techniques Addressed by Mitigation</h2> <table class="table techniques-used table-bordered mt-2"> <thead> <tr> <th class="p-2" scope="col">Domain</th> <th class="p-2" 
colspan="2">ID</th> <th class="p-2" scope="col">Name</th> <th class="p-2" scope="col">Use</th> </tr> </thead> <tbody> <tr class="technique" id="uses-T1110"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v9/techniques/T1110">T1110</a> </td> <td> <a href="/versions/v9/techniques/T1110">Brute Force</a> </td> <td> <p>Refer to NIST guidelines when creating password policies.<span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="NIST 800-63-3"><sup><a href="https://pages.nist.gov/800-63-3/sp800-63b.html" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span></p> </td> </tr> <tr class="sub technique" id="uses-T1110-001"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1110/001">.001</a> </td> <td> <a href="/versions/v9/techniques/T1110/001">Password Guessing</a> </td> <td> <p>Refer to NIST guidelines when creating password policies. <span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="NIST 800-63-3"><sup><a href="https://pages.nist.gov/800-63-3/sp800-63b.html" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span></p> </td> </tr> <tr class="sub technique" id="uses-T1110-002"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1110/002">.002</a> </td> <td> <a href="/versions/v9/techniques/T1110/002">Password Cracking</a> </td> <td> <p>Refer to NIST guidelines when creating password policies. 
<span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="NIST 800-63-3"><sup><a href="https://pages.nist.gov/800-63-3/sp800-63b.html" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span></p> </td> </tr> <tr class="sub technique" id="uses-T1110-003"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1110/003">.003</a> </td> <td> <a href="/versions/v9/techniques/T1110/003">Password Spraying</a> </td> <td> <p>Refer to NIST guidelines when creating password policies. <span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="NIST 800-63-3"><sup><a href="https://pages.nist.gov/800-63-3/sp800-63b.html" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span></p> </td> </tr> <tr class="sub technique" id="uses-T1110-004"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1110/004">.004</a> </td> <td> <a href="/versions/v9/techniques/T1110/004">Credential Stuffing</a> </td> <td> <p>Refer to NIST guidelines when creating password policies. <span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="NIST 800-63-3"><sup><a href="https://pages.nist.gov/800-63-3/sp800-63b.html" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span></p> </td> </tr> <tr class="technique" id="uses-T1555"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v9/techniques/T1555">T1555</a> </td> <td> <a href="/versions/v9/techniques/T1555">Credentials from Password Stores</a> </td> <td> <p>The password for the user's login keychain can be changed so that it differs from the user's login password. This increases the complexity for an adversary because they need to know an additional password.</p><p>Organizations may consider weighing the risk of storing credentials in password stores and web browsers. 
If system, software, or web browser credential disclosure is a significant concern, technical controls, policy, and user training may be used to prevent storage of credentials in improper locations.</p> </td> </tr> <tr class="sub technique" id="uses-T1555-001"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1555/001">.001</a> </td> <td> <a href="/versions/v9/techniques/T1555/001">Keychain</a> </td> <td> <p>The password for the user's login keychain can be changed so that it differs from the user's login password. This increases the complexity for an adversary because they need to know an additional password.</p> </td> </tr> <tr class="sub technique" id="uses-T1555-003"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1555/003">.003</a> </td> <td> <a href="/versions/v9/techniques/T1555/003">Credentials from Web Browsers</a> </td> <td> <p>Organizations may consider weighing the risk of storing credentials in web browsers. If web browser credential disclosure is a significant concern, technical controls, policy, and user training may be used to prevent storage of credentials in web browsers.</p> </td> </tr> <tr class="sub technique" id="uses-T1555-005"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1555/005">.005</a> </td> <td> <a href="/versions/v9/techniques/T1555/005">Password Managers</a> </td> <td> <p>Refer to NIST guidelines when creating password policies for master passwords.<span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="NIST 800-63-3"><sup><a href="https://pages.nist.gov/800-63-3/sp800-63b.html" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span></p> </td> </tr> <tr class="technique" id="uses-T1187"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v9/techniques/T1187">T1187</a> </td> <td> <a href="/versions/v9/techniques/T1187">Forced Authentication</a> </td> <td> <p>Use strong passwords to make credential hashes more difficult to crack if they are obtained.</p> </td> </tr> 
<tr class="technique" id="uses-T1601"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v9/techniques/T1601">T1601</a> </td> <td> <a href="/versions/v9/techniques/T1601">Modify System Image</a> </td> <td> <p>Refer to NIST guidelines when creating password policies. <span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="NIST 800-63-3"><sup><a href="https://pages.nist.gov/800-63-3/sp800-63b.html" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span></p> </td> </tr> <tr class="sub technique" id="uses-T1601-001"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1601/001">.001</a> </td> <td> <a href="/versions/v9/techniques/T1601/001">Patch System Image</a> </td> <td> <p>Refer to NIST guidelines when creating password policies. <span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="NIST 800-63-3"><sup><a href="https://pages.nist.gov/800-63-3/sp800-63b.html" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span></p> </td> </tr> <tr class="sub technique" id="uses-T1601-002"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1601/002">.002</a> </td> <td> <a href="/versions/v9/techniques/T1601/002">Downgrade System Image</a> </td> <td> <p>Refer to NIST guidelines when creating password policies. <span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="NIST 800-63-3"><sup><a href="https://pages.nist.gov/800-63-3/sp800-63b.html" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span></p> </td> </tr> <tr class="technique" id="uses-T1599"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v9/techniques/T1599">T1599</a> </td> <td> <a href="/versions/v9/techniques/T1599">Network Boundary Bridging</a> </td> <td> <p>Refer to NIST guidelines when creating password policies. 
<span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="NIST 800-63-3"><sup><a href="https://pages.nist.gov/800-63-3/sp800-63b.html" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span></p> </td> </tr> <tr class="sub technique" id="uses-T1599-001"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1599/001">.001</a> </td> <td> <a href="/versions/v9/techniques/T1599/001">Network Address Translation Traversal</a> </td> <td> <p>Refer to NIST guidelines when creating password policies. <span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="NIST 800-63-3"><sup><a href="https://pages.nist.gov/800-63-3/sp800-63b.html" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span></p> </td> </tr> <tr class="technique" id="uses-T1003"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v9/techniques/T1003">T1003</a> </td> <td> <a href="/versions/v9/techniques/T1003">OS Credential Dumping</a> </td> <td> <p>Ensure that local administrator accounts have complex, unique passwords across all systems on the network.</p> </td> </tr> <tr class="sub technique" id="uses-T1003-001"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1003/001">.001</a> </td> <td> <a href="/versions/v9/techniques/T1003/001">LSASS Memory</a> </td> <td> <p>Ensure that local administrator accounts have complex, unique passwords across all systems on the network.</p> </td> </tr> <tr class="sub technique" id="uses-T1003-002"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1003/002">.002</a> </td> <td> <a href="/versions/v9/techniques/T1003/002">Security Account Manager</a> </td> <td> <p>Ensure that local administrator accounts have complex, unique passwords across all systems on the network.</p> </td> </tr> <tr class="sub technique" id="uses-T1003-003"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1003/003">.003</a> </td> <td> 
<a href="/versions/v9/techniques/T1003/003">NTDS</a> </td> <td> <p>Ensure that local administrator accounts have complex, unique passwords across all systems on the network.</p> </td> </tr> <tr class="sub technique" id="uses-T1003-004"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1003/004">.004</a> </td> <td> <a href="/versions/v9/techniques/T1003/004">LSA Secrets</a> </td> <td> <p>Ensure that local administrator accounts have complex, unique passwords across all systems on the network.</p> </td> </tr> <tr class="sub technique" id="uses-T1003-005"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1003/005">.005</a> </td> <td> <a href="/versions/v9/techniques/T1003/005">Cached Domain Credentials</a> </td> <td> <p>Ensure that local administrator accounts have complex, unique passwords across all systems on the network.</p> </td> </tr> <tr class="sub technique" id="uses-T1003-006"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1003/006">.006</a> </td> <td> <a href="/versions/v9/techniques/T1003/006">DCSync</a> </td> <td> <p>Ensure that local administrator accounts have complex, unique passwords across all systems on the network.</p> </td> </tr> <tr class="sub technique" id="uses-T1003-007"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1003/007">.007</a> </td> <td> <a href="/versions/v9/techniques/T1003/007">Proc Filesystem</a> </td> <td> <p>Ensure that root accounts have complex, unique passwords across all systems on the network.</p> </td> </tr> <tr class="sub technique" id="uses-T1003-008"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1003/008">.008</a> </td> <td> <a href="/versions/v9/techniques/T1003/008">/etc/passwd and /etc/shadow</a> </td> <td> <p>Ensure that root accounts have complex, unique passwords across all systems on the network.</p> </td> </tr> <tr class="technique" id="uses-T1201"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v9/techniques/T1201">T1201</a> </td> <td> <a 
href="/versions/v9/techniques/T1201">Password Policy Discovery</a> </td> <td> <p>Ensure only valid password filters are registered. Filter DLLs must be present in the Windows installation directory (<code>C:\Windows\System32\</code> by default) of a domain controller and/or local computer with a corresponding entry in <code>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages</code>. <span onclick=scrollToRef('scite-2') id="scite-ref-2-a" class="scite-citeref-number" data-reference="Microsoft Install Password Filter n.d"><sup><a href="https://msdn.microsoft.com/library/windows/desktop/ms721766.aspx" target="_blank" data-hasqtip="1" aria-describedby="qtip-1">[2]</a></sup></span></p> </td> </tr> <tr class="sub technique noparent" id="uses-T1563-001"> <td> Enterprise </td> <td> <a href="/versions/v9/techniques/T1563">T1563</a> </td> <td> <a href="/versions/v9/techniques/T1563/001">.001</a> </td> <td> <a href="/versions/v9/techniques/T1563">Remote Service Session Hijacking</a>: <a href="/versions/v9/techniques/T1563/001">SSH Hijacking</a> </td> <td> <p>Ensure SSH key pairs have strong passwords and refrain from using key-store technologies such as ssh-agent unless they are properly protected.</p> </td> </tr> <tr class="sub technique noparent" id="uses-T1021-002"> <td> Enterprise </td> <td> <a href="/versions/v9/techniques/T1021">T1021</a> </td> <td> <a href="/versions/v9/techniques/T1021/002">.002</a> </td> <td> <a href="/versions/v9/techniques/T1021">Remote Services</a>: <a href="/versions/v9/techniques/T1021/002">SMB/Windows Admin Shares</a> </td> <td> <p>Do not reuse local administrator account passwords across systems. 
Ensure password complexity and uniqueness such that the passwords cannot be cracked or guessed.</p> </td> </tr> <tr class="technique" id="uses-T1072"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v9/techniques/T1072">T1072</a> </td> <td> <a href="/versions/v9/techniques/T1072">Software Deployment Tools</a> </td> <td> <p>Verify that account credentials that may be used to access deployment systems are unique and not used throughout the enterprise network.</p> </td> </tr> <tr class="technique" id="uses-T1558"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v9/techniques/T1558">T1558</a> </td> <td> <a href="/versions/v9/techniques/T1558">Steal or Forge Kerberos Tickets</a> </td> <td> <p>Ensure strong password length (ideally 25+ characters) and complexity for service accounts and that these passwords periodically expire.<span onclick=scrollToRef('scite-3') id="scite-ref-3-a" class="scite-citeref-number" data-reference="AdSecurity Cracking Kerberos Dec 2015"><sup><a href="https://adsecurity.org/?p=2293" target="_blank" data-hasqtip="2" aria-describedby="qtip-2">[3]</a></sup></span> Also consider using Group Managed Service Accounts or another third-party product such as password vaulting.<span onclick=scrollToRef('scite-3') id="scite-ref-3-a" class="scite-citeref-number" data-reference="AdSecurity Cracking Kerberos Dec 2015"><sup><a href="https://adsecurity.org/?p=2293" target="_blank" data-hasqtip="2" aria-describedby="qtip-2">[3]</a></sup></span></p> </td> </tr> 
<tr class="sub technique" id="uses-T1558-002"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1558/002">.002</a> </td> <td> <a href="/versions/v9/techniques/T1558/002">Silver Ticket</a> </td> <td> <p>Ensure strong password length (ideally 25+ characters) and complexity for service accounts and that these passwords periodically expire.<span onclick=scrollToRef('scite-3') id="scite-ref-3-a" class="scite-citeref-number" data-reference="AdSecurity Cracking Kerberos Dec 2015"><sup><a href="https://adsecurity.org/?p=2293" target="_blank" data-hasqtip="2" aria-describedby="qtip-2">[3]</a></sup></span> Also consider using Group Managed Service Accounts or another third-party product such as password vaulting.<span onclick=scrollToRef('scite-3') id="scite-ref-3-a" class="scite-citeref-number" data-reference="AdSecurity Cracking Kerberos Dec 2015"><sup><a href="https://adsecurity.org/?p=2293" target="_blank" data-hasqtip="2" aria-describedby="qtip-2">[3]</a></sup></span></p> </td> </tr> <tr class="sub technique" id="uses-T1558-003"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1558/003">.003</a> </td> <td> <a href="/versions/v9/techniques/T1558/003">Kerberoasting</a> </td> <td> <p>Ensure strong password length (ideally 25+ characters) and complexity for service accounts and that these passwords periodically expire.<span onclick=scrollToRef('scite-3') id="scite-ref-3-a" class="scite-citeref-number" data-reference="AdSecurity Cracking Kerberos Dec 2015"><sup><a href="https://adsecurity.org/?p=2293" target="_blank" data-hasqtip="2" aria-describedby="qtip-2">[3]</a></sup></span> Also consider using Group Managed Service Accounts or another third-party product such as password vaulting.<span onclick=scrollToRef('scite-3') id="scite-ref-3-a" class="scite-citeref-number" data-reference="AdSecurity Cracking Kerberos Dec 2015"><sup><a href="https://adsecurity.org/?p=2293" target="_blank" data-hasqtip="2" aria-describedby="qtip-2">[3]</a></sup></span></p> </td> </tr> <tr class="sub technique" id="uses-T1558-004"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1558/004">.004</a> </td> <td> <a href="/versions/v9/techniques/T1558/004">AS-REP Roasting</a> </td> <td> <p>Ensure strong password length (ideally 25+ characters) and complexity for service accounts and that these passwords periodically expire. Also consider using Group Managed Service Accounts or another third-party product such as password vaulting. 
<span onclick=scrollToRef('scite-3') id="scite-ref-3-a" class="scite-citeref-number" data-reference="AdSecurity Cracking Kerberos Dec 2015"><sup><a href="https://adsecurity.org/?p=2293" target="_blank" data-hasqtip="2" aria-describedby="qtip-2">[3]</a></sup></span></p> </td> </tr> <tr class="technique" id="uses-T1537"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v9/techniques/T1537">T1537</a> </td> <td> <a href="/versions/v9/techniques/T1537">Transfer Data to Cloud Account</a> </td> <td> <p>Consider rotating access keys within a certain number of days to reduce the effectiveness of stolen credentials.</p> </td> </tr> <tr class="technique" id="uses-T1552"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v9/techniques/T1552">T1552</a> </td> <td> <a href="/versions/v9/techniques/T1552">Unsecured Credentials</a> </td> <td> <p>Use strong passphrases for private keys to make cracking difficult. Do not store credentials within the Registry. Establish an organizational policy that prohibits password storage in files.</p> </td> </tr> <tr class="sub technique" id="uses-T1552-001"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1552/001">.001</a> </td> <td> <a href="/versions/v9/techniques/T1552/001">Credentials In Files</a> </td> <td> <p>Establish an organizational policy that prohibits password storage in files.</p> </td> </tr> <tr class="sub technique" id="uses-T1552-002"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1552/002">.002</a> </td> <td> <a href="/versions/v9/techniques/T1552/002">Credentials in Registry</a> </td> <td> <p>Do not store credentials within the Registry.</p> </td> </tr> <tr class="sub technique" id="uses-T1552-004"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1552/004">.004</a> </td> <td> <a href="/versions/v9/techniques/T1552/004">Private Keys</a> </td> <td> <p>Use strong passphrases for private keys to make cracking difficult.</p> </td> </tr> <tr class="sub technique noparent" 
id="uses-T1550-003"> <td> Enterprise </td> <td> <a href="/versions/v9/techniques/T1550">T1550</a> </td> <td> <a href="/versions/v9/techniques/T1550/003">.003</a> </td> <td> <a href="/versions/v9/techniques/T1550">Use Alternate Authentication Material</a>: <a href="/versions/v9/techniques/T1550/003">Pass the Ticket</a> </td> <td> <p>Ensure that local administrator accounts have complex, unique passwords.</p> </td> </tr> <tr class="technique" id="uses-T1078"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v9/techniques/T1078">T1078</a> </td> <td> <a href="/versions/v9/techniques/T1078">Valid Accounts</a> </td> <td> <p>Default usernames and passwords on applications and appliances should be changed immediately after installation and before deployment to a production environment. <span onclick=scrollToRef('scite-4') id="scite-ref-4-a" class="scite-citeref-number" data-reference="US-CERT Alert TA13-175A Risks of Default Passwords on the Internet"><sup><a href="https://www.us-cert.gov/ncas/alerts/TA13-175A" target="_blank" data-hasqtip="3" aria-describedby="qtip-3">[4]</a></sup></span> When possible, applications that use SSH keys should be updated periodically and properly secured.</p> </td> </tr> <tr class="sub technique" id="uses-T1078-001"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1078/001">.001</a> </td> <td> <a href="/versions/v9/techniques/T1078/001">Default Accounts</a> </td> <td> <p>Default usernames and passwords on applications and appliances should be changed immediately after installation and before deployment to a production environment. 
<span onclick=scrollToRef('scite-4') id="scite-ref-4-a" class="scite-citeref-number" data-reference="US-CERT Alert TA13-175A Risks of Default Passwords on the Internet"><sup><a href="https://www.us-cert.gov/ncas/alerts/TA13-175A" target="_blank" data-hasqtip="3" aria-describedby="qtip-3">[4]</a></sup></span></p> </td> </tr> <tr class="sub technique" id="uses-T1078-003"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1078/003">.003</a> </td> <td> <a href="/versions/v9/techniques/T1078/003">Local Accounts</a> </td> <td> <p>Ensure that local administrator accounts have complex, unique passwords across all systems on the network.</p> </td> </tr> <tr class="sub technique" id="uses-T1078-004"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1078/004">.004</a> </td> <td> <a href="/versions/v9/techniques/T1078/004">Cloud Accounts</a> </td> <td> <p>Ensure that cloud accounts, particularly privileged accounts, have complex, unique passwords across all systems on the network. Passwords and access keys should be rotated regularly. This limits the amount of time credentials can be used to access resources if a credential is compromised without your knowledge. 
Cloud service providers may track access key age to help audit and identify keys that may need to be rotated.<span onclick=scrollToRef('scite-5') id="scite-ref-5-a" class="scite-citeref-number" data-reference="AWS - IAM Console Best Practices"><sup><a href="https://aws.amazon.com/blogs/security/newly-updated-features-in-the-aws-iam-console-help-you-adhere-to-iam-best-practices/" target="_blank" data-hasqtip="4" aria-describedby="qtip-4">[5]</a></sup></span></p> </td> </tr> </tbody> </table> <h2 class="pt-3" id="references">References</h2> <div class="row"> <div class="col"> <ol> <li> <span id="scite-1" class="scite-citation"> <span class="scite-citation-text"> <a rel="nofollow" class="external text" name="scite-1" href="https://pages.nist.gov/800-63-3/sp800-63b.html" target="_blank"> Grassi, P., et al. (2017, December 1). SP 800-63-3, Digital Identity Guidelines. Retrieved January 16, 2019. </a> </span> </span> </li> <li> <span id="scite-2" class="scite-citation"> <span class="scite-citation-text"> <a rel="nofollow" class="external text" name="scite-2" href="https://msdn.microsoft.com/library/windows/desktop/ms721766.aspx" target="_blank"> Microsoft. (n.d.). Installing and Registering a Password Filter DLL. Retrieved November 21, 2017. </a> </span> </span> </li> <li> <span id="scite-3" class="scite-citation"> <span class="scite-citation-text"> <a rel="nofollow" class="external text" name="scite-3" href="https://adsecurity.org/?p=2293" target="_blank"> Metcalf, S. (2015, December 31). Cracking Kerberos TGS Tickets Using Kerberoast – Exploiting Kerberos to Compromise the Active Directory Domain. Retrieved March 22, 2018. </a> </span> </span> </li> </ol> </div> <div class="col"> <ol start="4"> <li> <span id="scite-4" class="scite-citation"> <span class="scite-citation-text"> <a rel="nofollow" class="external text" name="scite-4" href="https://www.us-cert.gov/ncas/alerts/TA13-175A" target="_blank"> US-CERT. (n.d.). Risks of Default Passwords on the Internet. 
Retrieved April 12, 2019. </a> </span> </span> </li> <li> <span id="scite-5" class="scite-citation"> <span class="scite-citation-text"> <a rel="nofollow" class="external text" name="scite-5" href="https://aws.amazon.com/blogs/security/newly-updated-features-in-the-aws-iam-console-help-you-adhere-to-iam-best-practices/" target="_blank"> Moncur, Rob. (2020, July 5). New Information in the AWS IAM Console Helps You Follow IAM Best Practices. Retrieved August 4, 2020. </a> </span> </span> </li> </ol> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> <!--stop-indexing-for-search--> <div class="overlay search" id="search-overlay" style="display: none;"> <div class="overlay-inner"> <!-- text input for searching --> <div class="search-header"> <div class="search-input"> <input type="text" id="search-input" placeholder="search"> </div> <div class="search-icons"> <div class="search-parsing-icon spinner-border" style="display: none" id="search-parsing-icon"></div> <div class="close-search-icon" id="close-search-icon">&times;</div> </div> </div> <!-- results and controls for loading more results --> <div id="search-body" class="search-body"> <div class="results" id="search-results"> <!-- content will be appended here on search --> </div> <div id="load-more-results" class="load-more-results"> <button class="btn btn-default" id="load-more-results-button">load more results</button> </div> </div> </div> </div> </div> <footer class="footer p-3"> <div class="container-fluid"> <div class="row"> <div class="col-4 col-sm-4 col-md-3"> <div class="footer-center-responsive my-auto"> <a href="https://www.mitre.org" target="_blank" rel="noopener" aria-label="MITRE"> <img src="/versions/v9/theme/images/mitrelogowhiteontrans.gif" class="mitre-logo-wtrans"> </a> </div> </div> <div class="col-2 col-sm-2 footer-responsive-break"></div> <div class="col-6 col-sm-6 text-center"> <p> © 2015-2021, The MITRE Corporation. 
MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation. </p> <div class="row"> <div class="col text-right"> <small> <a href="/versions/v9/resources/privacy" class="footer-link">Privacy Policy</a> </small> </div> <div class="col text-center"> <small> <a href="/versions/v9/resources/terms-of-use" class="footer-link">Terms of Use</a> </small> </div> <div class="col text-left "> <small> <a href="/versions/v9/resources/changelog.html" class="footer-link" data-toggle="tooltip" data-placement="top" title="ATT&amp;CK content version 9.0&#013;Website version 3.3.1">ATT&CK v9.0</a> </small> </div> </div> </div> <div class="w-100 p-2 footer-responsive-break"></div> <div class="col"> <div class="footer-float-right-responsive-brand"> <div class="mb-1"> <a href="https://twitter.com/MITREattack" class="btn btn-primary w-100"> <!-- <i class="fa fa-twitter"></i> --> <img src="/versions/v9/theme/images/twitter.png" class="mr-1 twitter-icon"> <b>@MITREattack</b> </a> </div> <div class=""> <a href="/versions/v9/contact" class="btn btn-primary w-100"> Contact </a> </div> </div> </div> </div> </div> </div> </footer> </div> <!--SCRIPTS--> <script src="/versions/v9/theme/scripts/jquery-3.5.1.min.js"></script> <script src="/versions/v9/theme/scripts/popper.min.js"></script> <script src="/versions/v9/theme/scripts/bootstrap.bundle.min.js"></script> <script src="/versions/v9/theme/scripts/site.js"></script> <script src="/versions/v9/theme/scripts/flexsearch.es5.js"></script> <script src="/versions/v9/theme/scripts/localforage.min.js"></script> <script src="/versions/v9/theme/scripts/settings.js?7900"></script> <script src="/versions/v9/theme/scripts/search_babelized.js"></script> <!--SCRIPTS--> <script src="/versions/v9/theme/scripts/navigation.js"></script> </body> </html>
