Credential Best Practices
Password Rotation
Rule Based Access Control
100

You use this to log in to your computer or online accounts.

What is a password?

100

Organizations require this to limit the amount of time a password can be used.

What is password rotation?

100

In RBAC, access is assigned based on this.

What is a user's role?

200

You should never share these with anyone, including coworkers or supervisors.

What are login credentials?

200

Regularly rotating passwords helps defend against these types of attacks where stolen credentials are reused.

What are credential stuffing attacks?

200

The principle of "least privilege" is closely aligned with this access control model.

What is RBAC (Role-Based Access Control)?

300

MFA stands for this, a method that adds an extra layer of security beyond username and password.

What is Multi-Factor Authentication?

300

Password rotation policies should be based on this rather than arbitrary time intervals.

What is risk level or exposure?

300

These rules define what roles can perform which actions in a system.

What are access control policies?

400

These types of accounts should have the least amount of access necessary to perform their functions.

What are least privilege accounts?

400

Overly frequent password rotation can lead to this risky user behavior.

What is password reuse or weak passwords?

400

A key advantage of RBAC is this, which helps when managing permissions for large organizations.

What is scalability or simplified administration?

500

When using a credential vault, it's important to do this to unused or orphaned credentials.

What is revoke or delete them?

500

This method can enforce password expiration and prompt users to create new ones.

What is a group policy or identity management system?

500

RBAC differs from ABAC (Attribute-Based Access Control) because it uses this type of criteria.

What are predefined roles instead of dynamic attributes?
