When administering Vault on a day-to-day basis, why is logging in with the root token, as shown below, a bad idea? (select two).

When administering Vault on a day-to-day basis, why is logging in with the root token, as shown below, a bad idea? (select two).
A . the root token isn’t a secure way of logging into Vault
B . the root token is attached to the root policy, which likely provides too many privileges to a user
C . the root token should be revoked and not used on a day-to-day basis
D . It’s easier to just use the root token than to configure additional auth methods

View Answer

Answer: B,C

Explanation:

The root token should never be used on a day-to-day basis and should always be revoked once a permanent auth method has been configured.