Identity Stored in Plaintext
Risk Category
Storage
Risk Description
Storing non-human identities (NHIs) in plaintext leaves their credentials with no encryption to protect them, significantly raising the risk of attack.
Why It’s a Risk
Storing credentials in plaintext makes it easy for attackers to access sensitive information, leading to unauthorized access, data breaches, or service disruptions. Plaintext storage leaves no encryption layer to protect credentials, increasing the risk of exploitation.
Likelihood of Occurrence
Moderate
Medium, particularly in older systems or environments without strict encryption policies.
Impact Level
High
High to critical, as plaintext identities are easily compromised, leading to data breaches or unauthorized access.
Mitigation Strategy
Detect and encrypt all identities stored in plaintext, ensuring that all credentials are moved to secure storage solutions. Implement strict access controls and enforce Zero Trust validation of every consumer to prevent unauthorized use of exposed identities.
Playbooks in Clutch
110
Applies for:
Cloud Service Provider
Vault
Source Manager
CI/CD
Password Manager
EDR
Data
Network
PaaS
Collaboration
Project Management
Log Analytics
IDP
CRM
MDM
IM
Ticketing
Automation
HRIS
SIEM