SEVA: Local Administrator Password Management
Pass-the-Hash (PtH) attacks against the Windows operating systems are becoming common. Microsoft wants organizations to assume that a breach has already occurred in order to highlight the need for a more mature defense. In most organizations, the Local Administrator Password is shared amongst many administrators and is a small set of static strings. This raises major security concerns specially when it comes to Pass-the-Hash attacks.
Administrator Password is encrypted using unique encryption key
No Schema Changes
No Schema Changes are required as passwords are stored in the vault.
Remote Desktop connection can be established without typing username or password
Workflow is built following the principle of least privileges
Integrated Audit Logs
Local Administrator Password is unique and varies in length from 16 to 48 characters
Leverages delegation in Azure AD to manage access to the vault
Requestor is required to type business justification before opening the password valut
By default, password is masked, when first retrieved.
Computer properties, from various WMI claases, are stored in a database./p>