Google Workspace password reuse enabled
Description
AlphaSOC detected that password reuse was enabled in Google Workspace settings. This configuration allows users to reuse previous passwords when changing their credentials, weakening the organization's password security posture.
Impact
Enabling password reuse allows users to cycle back to previously used passwords, reducing the effectiveness of password rotation policies. If previous passwords were compromised, users may unknowingly revert to credentials that are already known to attackers. This configuration undermines security controls designed to limit the window of exposure for compromised credentials.
Severity
| Severity | Condition |
|---|---|
Informational | Password reuse enabled |
Investigation and Remediation
Review Google Workspace Admin audit logs to identify who changed the password management settings and confirm whether the change was authorized. Verify this aligns with organizational security policies.
If unauthorized, revert the setting to disable password reuse. Review other password management settings to ensure they meet security requirements. Consider implementing additional password policies such as minimum length and complexity requirements.