Credential

Access Control Configuration

Access Control List

Access Token

Activity Dependency

Address Space

Administrative Network Traffic

Alias

Allocate Memory

Application

Application Configuration

Application Configuration Database

Application Configuration Database Record

Application Configuration File

Application Installer

Application Inventory Sensor

Application Layer Firewall

Application Layer Link

Application Process

Application Process Configuration

Application Rule

Application Shim

Archive File

Artifact Server

Asymmetric Key

Audio Input Device

Authenticate User

Authentication

Authentication Function

Authentication Log

Authentication Server

Authentication Service

Authorization

Authorization Log

Authorization Service

Barcode Scanner Input Device

Binary Large Object

Binary Segment

Blob

Block Device

Boot Loader

Boot Record

Boot Sector

Browser

Browser Extension

Build Tool

Business Communication Platform Client

CA Certificate File

Processor Cache Memory

Call Stack

Central Processing Unit

Certificate

Certificate File

Certificate Trust Store

Chatroom Client

Child Process

Client Application

Client Computer

Clipboard

Cloud Configuration

Cloud Instance Metadata

Cloud Service Authentication

Cloud Service Authorization

Cloud Service Sensor

Cloud Storage

Cloud User Account

Code Analyzer

Code Repository

Collaborative Software

Network Agent

Command

Command History Log

Command History Log File

Command Line Interface

Compiler

Compiler Configuration File

Computing Server

Configuration Database

Configuration Database Record

Configuration File

Configuration Management Database

Configuration Resource

Connect Socket

Console Output Function

Container Build Tool

Container Image

Container Orchestration Software

Container Process

Container Runtime

Copy Memory Function

Copy Token

Create File

Create Process

Create Socket

Create Thread

Credential

Credential Management System

Cryptographic Key

Custom Archive File

DNS Lookup

DNS Network Traffic

DNS Record

DNS Server

Data Artifact Server

Data Dependency

Data Link Link

Database

Database File

Database Query

Database Server

Decoy Artifact

Default User Account

Dependency

Deserialization Function

Desktop Computer

Developer Application

Dial Up Modem

Digital Artifact

Digital System

Object Properties

id: d3f:Credential

name: Credential
definition: A credential is a physical/tangible object, a piece of knowledge, or a facet of a person's physical being that enables an individual access to a given physical facility or computer-based information system. Typically, credentials can be something a person knows (such as a number or PIN), something they have (such as an access badge), something they are (such as a biometric feature), something they do (measurable behavioral patterns) or some combination of these items. This is known as multi-factor authentication. The typical credential is an access card or key-fob, and newer software can also turn users' smartphones into access devices.
defined by: http://dbpedia.org/resource/Access_control#Credential
see also: http://dbpedia.org/resource/Access_control

json

Neighbors

        graph LR;

    

    d3f:Credential["Credential"] --> | authenticates | d3f:UserAccount["User Account"]; 

          class d3f:Credential RootArtifactNode; class d3f:UserAccount ArtifactNode;
          click d3f:Credential href "/dao/artifact/undefined";
          click d3f:UserAccount href "/dao/artifact/d3f:UserAccount";

Inferred Relationships

This page is experimental and may change significantly in future releases.

Hierarchy

(filtered)

Related Countermeasure Techniques

        graph LR;

      DecoySessionToken["Decoy Session Token"] -->
          | spoofs | AccessToken["Access Token"]; class DecoySessionToken DefensiveTechniqueNode; class AccessToken ArtifactNode; click DecoySessionToken href "/technique/d3f:DecoySessionToken"; click AccessToken href "/dao/artifact/d3f:AccessToken";DecoyUserCredential["Decoy User Credential"] -->
          | spoofs | Credential["Credential"]; class DecoyUserCredential DefensiveTechniqueNode; class Credential ArtifactNode; click DecoyUserCredential href "/technique/d3f:DecoyUserCredential"; click Credential href "/dao/artifact/d3f:Credential";CredentialTransmissionScoping["Credential Transmission Scoping"] -->
          | restricts | Credential["Credential"]; class CredentialTransmissionScoping DefensiveTechniqueNode; class Credential ArtifactNode; click CredentialTransmissionScoping href "/technique/d3f:CredentialTransmissionScoping"; click Credential href "/dao/artifact/d3f:Credential";CredentialRotation["Credential Rotation"] -->
          | regenerates | Credential["Credential"]; class CredentialRotation DefensiveTechniqueNode; class Credential ArtifactNode; click CredentialRotation href "/technique/d3f:CredentialRotation"; click Credential href "/dao/artifact/d3f:Credential";CredentialCompromiseScopeAnalysis["Credential Compromise Scope Analysis"] -->
          | analyzes | Credential["Credential"]; class CredentialCompromiseScopeAnalysis DefensiveTechniqueNode; class Credential ArtifactNode; click CredentialCompromiseScopeAnalysis href "/technique/d3f:CredentialCompromiseScopeAnalysis"; click Credential href "/dao/artifact/d3f:Credential";CredentialRevoking["Credential Revoking"] -->
          | deletes | Credential["Credential"]; class CredentialRevoking DefensiveTechniqueNode; class Credential ArtifactNode; click CredentialRevoking href "/technique/d3f:CredentialRevoking"; click Credential href "/dao/artifact/d3f:Credential";AuthenticationCacheInvalidation["Authentication Cache Invalidation"] -->
          | deletes | Credential["Credential"]; class AuthenticationCacheInvalidation DefensiveTechniqueNode; class Credential ArtifactNode; click AuthenticationCacheInvalidation href "/technique/d3f:AuthenticationCacheInvalidation"; click Credential href "/dao/artifact/d3f:Credential";StrongPasswordPolicy["Strong Password Policy"] -->
          | strengthens | Password["Password"]; class StrongPasswordPolicy DefensiveTechniqueNode; class Password ArtifactNode; click StrongPasswordPolicy href "/technique/d3f:StrongPasswordPolicy"; click Password href "/dao/artifact/d3f:Password";One-timePassword["One-time Password"] -->
          | use-limits | Password["Password"]; class One-timePassword DefensiveTechniqueNode; class Password ArtifactNode; click One-timePassword href "/technique/d3f:One-timePassword"; click Password href "/dao/artifact/d3f:Password";

Related Weaknesses

Credential has no related weaknesses in this release.

Related Offensive Techniques

        graph LR;

    T1528["Steal Application Access Token"] --> |accesses| AccessToken["Access Token"]; class T1528 OffensiveTechniqueNode;
        class AccessToken ArtifactNode; click T1528 href "/offensive-technique/attack/T1528/"; click AccessToken href "/dao/artifact/d3f:AccessToken";T1134001["Token Impersonation/Theft"] --> |copies| AccessToken["Access Token"]; class T1134001 OffensiveTechniqueNode;
        class AccessToken ArtifactNode; click T1134001 href "/offensive-technique/attack/T1134.001/"; click AccessToken href "/dao/artifact/d3f:AccessToken";T1134002["Create Process with Token"] --> |copies| AccessToken["Access Token"]; class T1134002 OffensiveTechniqueNode;
        class AccessToken ArtifactNode; click T1134002 href "/offensive-technique/attack/T1134.002/"; click AccessToken href "/dao/artifact/d3f:AccessToken";T1134003["Make and Impersonate Token"] --> |copies| AccessToken["Access Token"]; class T1134003 OffensiveTechniqueNode;
        class AccessToken ArtifactNode; click T1134003 href "/offensive-technique/attack/T1134.003/"; click AccessToken href "/dao/artifact/d3f:AccessToken";T1550001["Application Access Token"] --> |uses| AccessToken["Access Token"]; class T1550001 OffensiveTechniqueNode;
        class AccessToken ArtifactNode; click T1550001 href "/offensive-technique/attack/T1550.001/"; click AccessToken href "/dao/artifact/d3f:AccessToken";T1003["OS Credential Dumping"] --> |accesses| Credential["Credential"]; class T1003 OffensiveTechniqueNode;
        class Credential ArtifactNode; click T1003 href "/offensive-technique/attack/T1003/"; click Credential href "/dao/artifact/d3f:Credential";T1552["Unsecured Credentials"] --> |accesses| Credential["Credential"]; class T1552 OffensiveTechniqueNode;
        class Credential ArtifactNode; click T1552 href "/offensive-technique/attack/T1552/"; click Credential href "/dao/artifact/d3f:Credential";T1098001["Additional Azure Service Principal Credentials"] --> |creates| Credential["Credential"]; class T1098001 OffensiveTechniqueNode;
        class Credential ArtifactNode; click T1098001 href "/offensive-technique/attack/T1098.001/"; click Credential href "/dao/artifact/d3f:Credential";T1142["Keychain"] --> |accesses| EncryptedCredential["Encrypted Credential"]; class T1142 OffensiveTechniqueNode;
        class EncryptedCredential ArtifactNode; click T1142 href "/offensive-technique/attack/T1142/"; click EncryptedCredential href "/dao/artifact/d3f:EncryptedCredential";T1003003["NTDS"] --> |accesses| EncryptedCredential["Encrypted Credential"]; class T1003003 OffensiveTechniqueNode;
        class EncryptedCredential ArtifactNode; click T1003003 href "/offensive-technique/attack/T1003.003/"; click EncryptedCredential href "/dao/artifact/d3f:EncryptedCredential";T1003005["Cached Domain Credentials"] --> |accesses| EncryptedCredential["Encrypted Credential"]; class T1003005 OffensiveTechniqueNode;
        class EncryptedCredential ArtifactNode; click T1003005 href "/offensive-technique/attack/T1003.005/"; click EncryptedCredential href "/dao/artifact/d3f:EncryptedCredential";T1003008["/etc/passwd and /etc/shadow"] --> |accesses| EncryptedCredential["Encrypted Credential"]; class T1003008 OffensiveTechniqueNode;
        class EncryptedCredential ArtifactNode; click T1003008 href "/offensive-technique/attack/T1003.008/"; click EncryptedCredential href "/dao/artifact/d3f:EncryptedCredential";T1558["Steal or Forge Kerberos Tickets"] --> |may-access| KerberosTicket["Kerberos Ticket"]; class T1558 OffensiveTechniqueNode;
        class KerberosTicket ArtifactNode; click T1558 href "/offensive-technique/attack/T1558/"; click KerberosTicket href "/dao/artifact/d3f:KerberosTicket";T1558["Steal or Forge Kerberos Tickets"] --> |may-create| KerberosTicket["Kerberos Ticket"]; class T1558 OffensiveTechniqueNode;
        class KerberosTicket ArtifactNode; click T1558 href "/offensive-technique/attack/T1558/"; click KerberosTicket href "/dao/artifact/d3f:KerberosTicket";T1558001["Golden Ticket"] --> |forges| KerberosTicketGrantingTicket["Kerberos Ticket Granting Ticket"]; class T1558001 OffensiveTechniqueNode;
        class KerberosTicketGrantingTicket ArtifactNode; click T1558001 href "/offensive-technique/attack/T1558.001/"; click KerberosTicketGrantingTicket href "/dao/artifact/d3f:KerberosTicketGrantingTicket";T1110001["Password Guessing"] --> |accesses| Password["Password"]; class T1110001 OffensiveTechniqueNode;
        class Password ArtifactNode; click T1110001 href "/offensive-technique/attack/T1110.001/"; click Password href "/dao/artifact/d3f:Password";T1110002["Password Cracking"] --> |accesses| Password["Password"]; class T1110002 OffensiveTechniqueNode;
        class Password ArtifactNode; click T1110002 href "/offensive-technique/attack/T1110.002/"; click Password href "/dao/artifact/d3f:Password";T1110003["Password Spraying"] --> |accesses| Password["Password"]; class T1110003 OffensiveTechniqueNode;
        class Password ArtifactNode; click T1110003 href "/offensive-technique/attack/T1110.003/"; click Password href "/dao/artifact/d3f:Password";T1539["Steal Web Session Cookie"] --> |accesses| SessionCookie["Session Cookie"]; class T1539 OffensiveTechniqueNode;
        class SessionCookie ArtifactNode; click T1539 href "/offensive-technique/attack/T1539/"; click SessionCookie href "/dao/artifact/d3f:SessionCookie";T1550004["Web Session Cookie"] --> |adds| SessionCookie["Session Cookie"]; class T1550004 OffensiveTechniqueNode;
        class SessionCookie ArtifactNode; click T1550004 href "/offensive-technique/attack/T1550.004/"; click SessionCookie href "/dao/artifact/d3f:SessionCookie";