Enforce credential configurations on apps and service principals
Why This Matter
Microsoft Entra ID permits service principals and applications to be configured with weak credentials by default. Attackers can exploit these weak credentials to gain unauthorized access to your organization's resources and sensitive data. Enforcing strong credential policies reduces the attack surface and helps prevent credential-based breaches.
What Aether365 Checks
Aether365 verifies that your tenant has a default application management policy enforcing credential restrictions for apps and service principals. This check appears in your Aether365 dashboard under the microsoft-365 service checks.