H3-2022-0087¶

Password Reuse

Description¶

A password was found to be reused in the environment across different users.

Impact¶

Attackers can exploit password reuse to discover new credentials and move laterally through the environment, gaining access to more data, applications, and hosts.

References¶

• NIST Password Guidelines
• MITRE ATT&CK Technique: T1078: Valid Accounts