Credential Hardening
Definition
Credential Hardening techniques modify system or network properties in order to protect system or network/domain credentials.
Technique Subclasses
There are 11 techniques in this category, Credential Hardening.
Name | ID | Definition | Synonyms |
---|---|---|---|
Credential Hardening | D3-CH | Credential Hardening techniques modify system or network properties in order to protect system or network/domain credentials. | |
- Biometric Authentication | D3-BAN | Using biological measures in order to authenticate a user. | |
- Certificate-based Authentication | D3-CBAN | Requiring a digital certificate in order to authenticate a user. | |
- Certificate Pinning | D3-CP | Persisting either a server's X.509 certificate or its public key and comparing that to the server's presented identity to allow for greater client confidence in the remote server's identity for SSL connections. | |
- Credential Transmission Scoping | D3-CTS | Limiting the transmission of a credential to a scoped set of relying parties. | Phishing Resistant Authentication |
- Domain Trust Policy | D3-DTP | Restricting inter-domain trust by modifying domain configuration. | |
- Credential Rotation | D3-CRO | Expiring an existing set of credentials and reissuing a new valid set. | |
- Strong Password Policy | D3-SPP | Modifying system configuration to increase password strength. | |
- User Account Permissions | D3-UAP | Restricting a user account's access to resources. | |
- Multi-factor Authentication | D3-MFA | Requiring proof of two or more pieces of evidence in order to authenticate a user. | |
- One-time Password | D3-OTP | A one-time password is valid for only one user authentication. | OTP |
D3FEND™
A knowledge graph of cybersecurity countermeasures