CCC.RDMS.CN01: Password Management

Control ID: CCC.RDMS.CN01
Title: Password Management
Objective: Ensure default vendor-supplied DB administrator credentials are replaced with strong, unique passwords and that these credentials are properly managed using a secure password or secrets management solution.
Control Family: Identity and Access Management

Related Threats

ID: CCC.RDMS.TH01
Title: Unauthorized Access via Default Credentials
Description: If default credentials are not disabled or changed, unauthorized access may be gained to the RDMS environment. This may lead to data breaches, data manipulation, or overall compromise of the database instance.
External Mappings: 1
Capability Mappings: 1
Control Mappings: 0

Related Capabilities

ID: CCC.RDMS.CP06
Title: DB Managed Credentials
Description: Ability to manage the database credentials using the cloud provider's secret management service.

ID: CCC.RDMS.CP07
Title: DB Self Managed Credentials
Description: Ability to manage the database credentials by client-managed username and passwords.

Guideline Mappings

Reference ID: NIST-CSF
Entry ID: PR.AA-01
Strength: 0
Remarks: -

Reference ID: NIST_800_53
Entry ID: AC-2
Strength: 0
Remarks: -

Assessment Requirements

ID: CCC.RDMS.CN01.AR02
Description: When an attempt is made to authenticate to the database using known default credentials, the authentication attempt must fail and no access should be granted.
Applicability: tlp-red, tlp-amber