💼 2.8 Ensure that a Custom Bad Password List is set to 'Enforce' for your Organization (Manual)

Contextual name: 💼 2.8 Ensure that a Custom Bad Password List is set to 'Enforce' for your Organization (Manual)
ID: /frameworks/cis-azure-v3.0.0/02/08
Located in: 💼 2 Identity

Description

Microsoft Azure provides a Global Banned Password policy that applies to Azure administrative and normal user accounts. This is not applied to user accounts that are synced from an on-premise Active Directory unless Microsoft Entra ID Connect is used and you enable EnforceCloudPasswordPolicyForPasswordSyncedUsers. Please see the list in default values on the specifics of this policy. To further password security, it is recommended to further define a custom banned password policy.

Similar

Sections
- /frameworks/cis-azure-v2.1.0/01/06
- /frameworks/cis-azure-v4.0.0/06/08

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 CIS Azure v2.1.0 → 💼 1.6 Ensure that a Custom Bad Password List is set to 'Enforce' for your Organization - Level 1 (Manual)			1
💼 CIS Azure v4.0.0 → 💼 6.8 Ensure that a 'Custom banned password list' is set to 'Enforce' (Manual)			1

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 CIS Azure v2.1.0 → 💼 1.6 Ensure that a Custom Bad Password List is set to 'Enforce' for your Organization - Level 1 (Manual)			1
💼 CIS Azure v4.0.0 → 💼 6.8 Ensure that a 'Custom banned password list' is set to 'Enforce' (Manual)			1

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (1)

Policy	Logic Count	Flags
📝 Microsoft Entra ID Custom Banned Password List is not enforced 🟢		🟢 x3

Description​

Similar​

Similar Sections (Take Policies From)​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (1)​