Credential rotation
Definition
The process of invalidating and replacing passwords, API keys, certificates, and other authentication tokens that may have been exposed during an incident. Rotation closes persistence vectors that rely on harvested but still-valid credentials.
Related terms
- Access revocation
- The removal of permissions, accounts, or trust relationships that the attacker exploited or could exploit. Distinct from credential rotation in that it...
- Attack surface reduction
- The systematic elimination of pathways an attacker could use to enter or move within a system. In incident response this includes closing...
- Compensating control
- A security measure that reduces risk when the ideal control cannot be applied immediately. For example, routing traffic through a monitored proxy...
- Long-term containment
- The incident response phase in which emergency stabilisation measures are replaced with durable controls, such as patches, credential rotation, and firewall changes,...
- System hardening
- Configuration changes that reduce a system's attack surface by disabling unnecessary services, applying least-privilege access, enabling audit logging, and removing or restricting...
Explained in
- Long-Term Containment and System Hardening