Devices should not share both critical and non-critical user credentials.
Why This Matters
When a device stores both critical (privileged admin) and non-critical (standard user) credentials, a compromise of the non-critical account gives an attacker a stepping stone to the higher-value admin account on the same device. This practice increases the attack surface and makes lateral movement easier. Keeping the two credential types on separate devices is a fundamental security boundary that helps contain a breach and protect sensitive systems.
What Aether365 Checks
This check scans your Microsoft 365 tenant to identify devices on which critical and non-critical user credentials are stored together without separation. It appears on the Aether365 dashboard under the microsoft-365 checks and is flagged at medium severity.
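The detection logic below is an added illustration of the idea behind this check; it is not Aether365's own code and does not claim to reproduce how the product performs the scan. It assumes two inputs a tenant can actually provide: a set of user principal names that hold privileged directory roles (here a constructed `PRIVILEGED_USERS` set) and a list of sign-in records carrying a device identifier (here a constructed `SIGN_INS` list, shaped loosely after Entra ID sign-in log fields). Any device that has been used by both a privileged and a standard account is reported as mixing credential types.

```python
from collections import defaultdict

# Constructed sample data (not from any real tenant). In a real check the
# privileged set would come from directory role membership and the sign-ins
# from the tenant's sign-in logs.
PRIVILEGED_USERS = {"admin-bob@contoso.example"}

SIGN_INS = [
    {"userPrincipalName": "alice@contoso.example",     "deviceId": "dev-001"},
    {"userPrincipalName": "alice@contoso.example",     "deviceId": "dev-002"},
    {"userPrincipalName": "admin-bob@contoso.example", "deviceId": "dev-002"},  # admin on a shared device
    {"userPrincipalName": "admin-bob@contoso.example", "deviceId": "paw-001"},  # dedicated admin workstation
    {"userPrincipalName": "carol@contoso.example",     "deviceId": "dev-003"},
    {"userPrincipalName": "carol@contoso.example",     "deviceId": ""},         # no device recorded; skipped
]

SEVERITY = "medium"  # severity the page assigns to this check


def users_by_device(sign_ins, privileged_users):
    """Group sign-ins by device into privileged and standard user sets.

    Records without a device identifier cannot be attributed to a device and
    are skipped rather than guessed.
    """
    devices = defaultdict(lambda: {"privileged": set(), "standard": set()})
    for rec in sign_ins:
        device = rec.get("deviceId")
        if not device:
            continue
        upn = rec["userPrincipalName"].lower()
        bucket = "privileged" if upn in privileged_users else "standard"
        devices[device][bucket].add(upn)
    return devices


def find_mixed_credential_devices(sign_ins, privileged_users=PRIVILEGED_USERS):
    """Return devices used by both a privileged and a standard account.

    Result maps deviceId -> {"privileged": set, "standard": set}. Devices
    used only by admins (a dedicated admin workstation) or only by standard
    users are not reported.
    """
    privileged_users = {u.lower() for u in privileged_users}
    grouped = users_by_device(sign_ins, privileged_users)
    return {
        device: users
        for device, users in grouped.items()
        if users["privileged"] and users["standard"]
    }


def findings(sign_ins, privileged_users=PRIVILEGED_USERS):
    """Render each mixed device as a finding with the check's severity."""
    mixed = find_mixed_credential_devices(sign_ins, privileged_users)
    return [
        {
            "deviceId": device,
            "severity": SEVERITY,
            "privilegedUsers": sorted(users["privileged"]),
            "standardUsers": sorted(users["standard"]),
        }
        for device, users in sorted(mixed.items())
    ]


if __name__ == "__main__":
    for f in findings(SIGN_INS):
        print(f"[{f['severity']}] {f['deviceId']}: admin {f['privilegedUsers']} "
              f"shares device with {f['standardUsers']}")
```

Only `dev-002` is reported for the sample data: `paw-001` is used solely by the admin account and is exactly the separation the check is looking for, and `dev-001`/`dev-003` see only standard users. Remediating a finding means moving the privileged account onto a dedicated workstation rather than deleting the standard account from the shared device.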