Chapter 23: Identity and Account Management Controls
Identity
IdP: Identity provider
Attributes
Certificates
Tokens
SSH keys
Smart cards
Account types
User account
Shared and generic accounts/credentials
Guest accounts
Service accounts
Account policies
Password complexity
Password history
Password reuse
Network location
Geofencing
Geotagging
Geolocation
Time-based logins
Access policies
Account permissions
Account audits
![Info](http://localhost/wp-content/uploads/2020/10/Info-24x24-1.png)
By far the MOST important audit item here is Failed Login Attempts.
Impossible travel time/risky login
Lockout
Disablement