Emergency Admin Account Check [CHK-1053]
This check ensures that the Emergency Admin password is changed within 5 days of its creation.
Rationale
An unchanged Emergency Admin password can lead to security vulnerabilities. This check verifies whether the password has been changed within the specified time frame.
Fix
An automated fix is available through Attic. If the output is a warning, Attic will disable the account until the password is changed.
Manual steps:
If the emergency account is disabled:
- Navigate to: https://portal.azure.com
- Go to: Azure AD > Users > [Your User Principal Name] and click edit
- Set the account to enabled and change the password
If the emergency account is enabled but the password has not been changed:
- Navigate to: https://portal.azure.com
- Go to: Azure AD > Users > [Your User Principal Name] and click edit
- Change the password
Impact
If the password is not changed within 5 days of creation, the account will be disabled until the password is updated. This ensures the account is secure and only accessible to the intended user.
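The rule above can be evaluated offline against exported account records. This is an added example, not Attic's own code: it assumes each record carries the Microsoft Graph user properties `createdDateTime`, `lastPasswordChangeDateTime` and `accountEnabled`, and it assumes a password stamped within 5 minutes of creation counts as unchanged. The sample records and the names `evaluate`, `parse_ts`, `MAX_AGE` and `TOLERANCE` are constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

MAX_AGE = timedelta(days=5)       # window stated by the check
TOLERANCE = timedelta(minutes=5)  # assumption: a password set at creation
                                  # is stamped within minutes of creation

def parse_ts(value):
    """Parse an ISO 8601 UTC timestamp such as 2024-03-01T09:00:00Z."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def evaluate(user, now):
    """Return (status, action) for one emergency admin account record."""
    created = parse_ts(user["createdDateTime"])
    last = user.get("lastPasswordChangeDateTime")
    changed = last is not None and parse_ts(last) - created > TOLERANCE
    if changed:
        return "ok", "none"
    if now - created <= MAX_AGE:
        return "pending", "change the password before the 5-day deadline"
    # Past the window and unchanged: the action mirrors the manual steps.
    if user.get("accountEnabled", True):
        return "warning", "disable the account until the password is changed"
    return "warning", "enable the account and change the password"

# Constructed sample records (not real accounts), shaped like Graph user objects.
NOW = datetime(2024, 3, 10, 12, 0, tzinfo=timezone.utc)
SAMPLE_USERS = [
    {"userPrincipalName": "breakglass1@example.onmicrosoft.com",
     "createdDateTime": "2024-03-01T09:00:00Z",
     "lastPasswordChangeDateTime": "2024-03-01T09:00:02Z", "accountEnabled": True},
    {"userPrincipalName": "breakglass2@example.onmicrosoft.com",
     "createdDateTime": "2024-03-01T09:00:00Z",
     "lastPasswordChangeDateTime": "2024-03-03T14:30:00Z", "accountEnabled": True},
    {"userPrincipalName": "breakglass3@example.onmicrosoft.com",
     "createdDateTime": "2024-03-08T09:00:00Z",
     "lastPasswordChangeDateTime": "2024-03-08T09:00:00Z", "accountEnabled": True},
    {"userPrincipalName": "breakglass4@example.onmicrosoft.com",
     "createdDateTime": "2024-02-20T09:00:00Z",
     "lastPasswordChangeDateTime": "2024-02-20T09:00:01Z", "accountEnabled": False},
]

if __name__ == "__main__":
    for u in SAMPLE_USERS:
        status, action = evaluate(u, NOW)
        print(f"{u['userPrincipalName']}: {status} -> {action}")
```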
More Information
For more details, please refer to the Attic Security Documentation.