Authentication mechanism absence or evasion - Azure
Description
The system's authentication mechanism is flawed, or the system has been configured with one that can be bypassed.
Impact
- Leave the organization vulnerable to stealthy brute-force attacks.
- Allow fraudulent attempts to access user accounts.
Recommendation
- Force users to register multiple authentication methods.
- Enable Azure Fraud alert so that users can proactively report attempts by someone else to use their account.
- Set account lockout threshold notifications.
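One way to audit the first recommendation, as an added example that is not part of the original page: the script below flags accounts with fewer than two distinct registered authentication methods, listing administrators first. It assumes records shaped like Microsoft Graph `userRegistrationDetails` entries (`userPrincipalName`, `isAdmin`, `methodsRegistered`); the sample records, the function name and the threshold of two are constructed for illustration.

```python
"""Flag accounts that have not registered multiple authentication methods.

Input records are assumed to follow the shape of Microsoft Graph
userRegistrationDetails entries; the sample data below is constructed.
"""

MIN_METHODS = 2  # assumption: "multiple" is read as at least two methods

# Constructed sample records (not real accounts).
SAMPLE_REPORT = [
    {"userPrincipalName": "alice@example.com", "isAdmin": True,
     "methodsRegistered": ["microsoftAuthenticatorPush", "mobilePhone"]},
    {"userPrincipalName": "bob@example.com", "isAdmin": False,
     "methodsRegistered": ["mobilePhone"]},
    {"userPrincipalName": "carol@example.com", "isAdmin": True,
     "methodsRegistered": []},
    {"userPrincipalName": "dave@example.com", "isAdmin": False},  # field missing
    {"userPrincipalName": "erin@example.com", "isAdmin": False,
     "methodsRegistered": ["mobilePhone", "mobilePhone",
                           "softwareOneTimePasscode"]},
]


def find_weak_registrations(report, min_methods=MIN_METHODS):
    """Return findings for users with fewer than min_methods distinct methods.

    Admin accounts are listed first, then users with the fewest methods.
    """
    findings = []
    for record in report:
        # A missing or null field is treated as "nothing registered".
        methods = sorted(set(record.get("methodsRegistered") or []))
        if len(methods) < min_methods:
            findings.append({
                "user": record.get("userPrincipalName", "<unknown>"),
                "is_admin": bool(record.get("isAdmin")),
                "methods": methods,
            })
    findings.sort(key=lambda f: (not f["is_admin"], len(f["methods"]), f["user"]))
    return findings


if __name__ == "__main__":
    for f in find_weak_registrations(SAMPLE_REPORT):
        role = "admin" if f["is_admin"] else "user"
        print(f"{f['user']:<22} {role:<6} methods={f['methods'] or 'none'}")
```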
Threat
Anonymous attacker from the Internet with access to credentials.
Expected Remediation Time
⏱️ 60 minutes.
Requirements
- 227 - Display access notification
- 228 - Authenticate using standard protocols
- 229 - Request access credentials
- 231 - Implement a biometric verification component
- 235 - Define credential interface
- 264 - Request authentication
- 323 - Exclude unverifiable files
Fixes