You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|**2.10.1**| Verify that intra-service secrets do not rely on unchanging credentials such as passwords, API keys or shared accounts with privileged access. || OS assisted | HSM | 287 | 5.1.1.1 |
|**2.10.2**| Verify that if passwords are required for service authentication, the service account used is not running on default credentials. (e.g. root/root or admin/admin are default in some services during installation). || OS assisted | HSM | 255 | 5.1.1.1 |
|**2.10.2**| Verify that if passwords are required for service authentication, the service account used is not a default credential. (e.g. root/root or admin/admin are default in some services during installation). || OS assisted | HSM | 255 | 5.1.1.1 |
|**2.10.3**| Verify that passwords are stored with sufficient protection to prevent offline recovery attacks, including local system access. || OS assisted | HSM | 522 | 5.1.1.1 |
|**2.10.4**| Verify passwords, integrations with databases and third-party systems, seeds and internal secrets, and API keys are managed securely and not included in the source code or stored within source code repositories. Such storage SHOULD resist offline attacks. The use of a secure software key store (L1), hardware TPM, or an HSM (L3) is recommended for password storage. || OS assisted | HSM | 798 ||
