Forum Discussion
brlgen
Mar 17, 2021Brass Contributor
Best Practise around honeytoken accounts?
I'm considering using honeytoken accounts with high privileges (in order to prevent the obvious lure), however how can you prevent abuse as soon as an authentication is made with the account? What's the best practice here?
Ideally I would like the account to be disabled within seconds on all domain controllers.