V-276276
Microsoft Azure SQL Managed Instance Security Technical Implementation Guide
Title
Azure SQL Server Managed Instance must, for password-based authentication, require immediate selection of a new password upon account recovery.
Description
Password-based authentication applies to passwords regardless of whether they are used in single-factor or multifactor authentication. Long passwords or passphrases are preferable over shorter passwords. Enforced composition rules provide marginal security benefits while decreasing usability. However, organizations may choose to establish certain rules for password generation (e.g., minimum character length for long passwords) under certain circumstances and can enforce this requ...
Fix Text (Documentation Requirement)
Create documentation to ensure administrators select "User must change password at next login" when a SQL login password is reset.

OR

Enable Entra-only Authentication. Refer to: https://learn.microsoft.com/en-us/azure/azure-sql/database/authentication-azure-ad-only-authentication-tutorial?view=azuresql&tabs=azure-powershell