GR2 | Validation 6 | Banned Password List Bug #313

Open
MathesonSho opened this issue Dec 13, 2024 · 0 comments
Labels
bug Something isn't working question Further information is requested

Comments

@MathesonSho
Contributor

Describe the bug
When the Lockout Threshold = 10 and the Banned Password list contains ("password", "Password!", "Summer2018") the resulting compliance status shows as non-compliant when it should be compliant.

Additionally, when the list only contains those 3 examples it is compliant, which is not expected. It should be non-compliant.

Example List1: resulted in non-compliance

password
Password!
Summer2018
Shared
Services
Canada
Cloud
Security
Posture
Management
Government
Federal

Example List2: resulted in non-compliance

Shared
Services
Canada
Cloud
Security
Posture
Management
Government
Federal
password
Password!
Summer2018

Example List3: resulted in compliance, when it should be non-compliant (there should be other restricted password components).

password
Password!
Summer2018

Azure CaC version
v2.1.2 in 163gccspm

To Reproduce
Steps to reproduce the behavior:

  1. Go to MS Entra Admin Centre -> Protection -> Authentication Methods -> Password Protection in 163gccspm
  2. View the custom banned password list
  3. See the required banned words
  4. See non-compliance status

Expected behavior
If the list contains all of the required banned words then it should be compliant. It should be a list greater than 3.

Screenshots
image

Additional Context

After running 4+ times it did appear as compliant for example List1. Is there a delay between setting config updates and the list our tool grabs the information from?

@MathesonSho MathesonSho added bug Something isn't working question Further information is requested labels Dec 13, 2024