Break the Glass – Not Your Organization!

In the world of cloud computing and cybersecurity, having a break-glass account is crucial for emergency access when standard authentication methods fail. This account acts as a last-resort measure to regain control of your systems during critical situations, such as misconfigured Conditional Access (CA) policies or technical issues in the cloud.

You Should Know:

1. Creating a Break-Glass Account:

  • Ensure the account is not tied to Conditional Access policies.
  • Use a strong, unique password and store it securely (e.g., in a physical safe or encrypted password manager).
  • Regularly test the account to confirm it works as expected.

2. Example Commands for Azure AD (Entra):

  • To create a break-glass account in Azure AD:
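    $PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile
    $PasswordProfile.Password = "<StrongUniquePassword>"
    New-AzureADUser -DisplayName "BreakGlassAdmin" -UserPrincipalName "[email protected]" -MailNickName "BreakGlassAdmin" -PasswordProfile $PasswordProfile -AccountEnabled $true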
    
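  • To stop the account's password from expiring (this command does not exclude the account from Conditional Access; that exclusion is configured on each policy, under its excluded users and groups):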
    Set-AzureADUser -ObjectId <BreakGlassAccountObjectId> -PasswordPolicies "DisablePasswordExpiration"
    

3. Testing the Break-Glass Account:

  • Log in periodically to ensure the account is functional.
  • Use the following command to verify the account’s status:
    Get-AzureADUser -ObjectId <BreakGlassAccountObjectId> | Select-Object DisplayName, UserPrincipalName, AccountEnabled
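
The account status check above does not show whether a Conditional Access policy still covers the account. The following is an added example, not code from the original post: it evaluates a constructed policy export, using the Microsoft Graph property names for Conditional Access policies, and lists every policy that would still apply. `Test-Overlap` and `Get-PolicyGap` are hypothetical helper names, and all ids and policy names are made up.

```powershell
# Constructed sample in the shape Microsoft Graph returns for Conditional Access
# policies. Every id and display name below is made up for this example.
$policiesJson = @'
[
 {"displayName":"Require MFA for all users","state":"enabled","conditions":{"users":{
   "includeUsers":["All"],"excludeUsers":["11111111-1111-1111-1111-111111111111"]}}},
 {"displayName":"Require MFA for admin roles","state":"enabled","conditions":{"users":{
   "includeUsers":[],"includeRoles":["22222222-2222-2222-2222-222222222222"]}}},
 {"displayName":"Block legacy authentication","state":"enabledForReportingButNotEnforced",
  "conditions":{"users":{"includeUsers":["All"],"excludeUsers":[]}}},
 {"displayName":"Compliant device pilot","state":"disabled","conditions":{"users":{
   "includeUsers":["All"],"excludeUsers":[]}}}
]
'@

# True when any element of $Left is also in $Right (missing properties count as empty).
function Test-Overlap($Left, $Right) {
    @($Left | Where-Object { $_ -and ($Right -contains $_) }).Count -gt 0
}

# Hypothetical helper: lists every non-disabled policy whose user scope still
# covers the account. Only user, group and role targeting is evaluated.
function Get-PolicyGap {
    param(
        [Parameter(Mandatory)] [object[]] $Policies,
        [Parameter(Mandatory)] [string]   $UserId,
        [string[]] $GroupIds = @(),
        [string[]] $RoleIds  = @()
    )
    foreach ($p in $Policies) {
        if ($p.state -eq 'disabled') { continue }
        $u = $p.conditions.users
        $included = (Test-Overlap $u.includeUsers @('All', $UserId)) -or
                    (Test-Overlap $u.includeGroups $GroupIds) -or
                    (Test-Overlap $u.includeRoles  $RoleIds)
        $excluded = (Test-Overlap $u.excludeUsers  @($UserId)) -or
                    (Test-Overlap $u.excludeGroups $GroupIds) -or
                    (Test-Overlap $u.excludeRoles  $RoleIds)
        if ($included -and -not $excluded) {
            [pscustomobject]@{ Policy = $p.displayName; State = $p.state }
        }
    }
}

$gaps = Get-PolicyGap -Policies ($policiesJson | ConvertFrom-Json) `
    -UserId '11111111-1111-1111-1111-111111111111' `
    -RoleIds '22222222-2222-2222-2222-222222222222'
$gaps | Format-Table -AutoSize   # report-only policies are listed: they enforce once enabled
```

On the sample, the account is excluded from the all-users MFA policy by user id but is still caught by the role-targeted policy and by the report-only policy, which is the kind of gap a periodic test should surface.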
    

4. Linux Emergency Access:

  • For Linux systems, create a break-glass user:
    sudo useradd -m -s /bin/bash breakglass
    sudo passwd breakglass
    
  • Ensure the user has sudo privileges (the admin group is sudo on Debian/Ubuntu; on RHEL-family systems it is wheel):
    sudo usermod -aG sudo breakglass
    

5. Windows Emergency Access:

  • Create a local administrator account for emergency access:
    net user BreakGlassAdmin <Password> /add
    net localgroup administrators BreakGlassAdmin /add
    

What Undercode Says:

A break-glass account is a vital component of any organization’s disaster recovery plan. It ensures that you can regain access to critical systems during emergencies. Regularly test and maintain this account to avoid being locked out during a crisis. For more details, refer to Microsoft’s guide on emergency access. Always prioritize security and preparedness to safeguard your organization’s digital assets.

References:

Reported By: Pertorbensorensen Break – Hackers Feeds