💼 6.8 Ensure that a 'Custom banned password list' is set to 'Enforce' (Manual)

ID: /frameworks/cis-azure-v4.0.0/06/08

Description

Microsoft Azure applies a default global banned password list to all user and admin accounts that are created and managed directly in Microsoft Entra ID. The Microsoft Entra password policy does not apply to user accounts that are synchronized from an on-premises Active Directory environment, unless Microsoft Entra ID Connect is used and EnforceCloudPasswordPolicyForPasswordSyncedUsers is enabled. Review the Default Value section for more detail on the password policy. For increased password security, a custom banned password list is recommended

Similar

Sections
- /frameworks/cis-azure-v3.0.0/02/08

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 CIS Azure v3.0.0 → 💼 2.8 Ensure that a Custom Bad Password List is set to 'Enforce' for your Organization (Manual)			1		no data

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 CIS Azure v3.0.0 → 💼 2.8 Ensure that a Custom Bad Password List is set to 'Enforce' for your Organization (Manual)			1		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (1)

Policy	Logic Count	Flags	Compliance
🛡️ Microsoft Entra ID Custom Banned Password List is not enforced🟢⚪		🟢 x2, ⚪ x1	no data

Description​

Similar​

Similar Sections (Take Policies From)​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (1)​