Overview
This article explains why a user may be able to log in successfully after trying to log in with a known breached password by following the Verify detection configuration steps for the Breached Password Detection feature.
Applies To
- Breached Password Detection
Cause
This can happen if the Breached Password toggle is turned on but no “Response” option is selected in the Breached Password Detection settings.
Solution
Ensure that the relevant Responses are enabled in the settings. If everything is disabled, Breached Password Detection will not trigger, even if the feature is turned on at the top of the page.
