Pass-the-Hash (PtH) attacks against the Windows operating systems are becoming common. Microsoft wants organizations to assume that a breach has already occurred in order to highlight the need for a more mature defense. In most organizations, the Local Administrator Password is shared amongst many administrators and is a small set of static strings. This raises major security concerns specially when it comes to Pass-the-Hash attacks.
Administrator Password is encrypted using unique encryption key
Local Administrator Password is unique and varies in length from 16 to 48 characters
No Schema Changes
No Schema Changes are required as passwords are stored in the vault.
Leverages delegation in Azure AD to manage access to the vault
API help integrate third party applications like serviceNow
Requestor is required to type business justification before opening the password valut
Workflow is built following the principle of least privileges
By default, password is masked, when first retrieved.
Integrated Audit Logs
Computer properties, from various WMI claases, are stored in a database.