Weak credential policy - Password strength
Description
The credential policy present in the system does not have the recommended parameters.
Impact
Allow users to assign weak passwords to their accounts, which can later be easily found by an attacker through brute force or dictionary attacks.
Recommendation
Establish a policy for credential creation that involves phrases and not word-based passwords.
Threat
Attacker with an account creation invitation from the Internet.
Expected Remediation Time
⏱️ 30 minutes.