Breached Password Functionality

Problem statement

This article will describe the results of the Attack Protection feature Breached Password Detection. For configuration instructions, see Configure breached password detections.

Solution

Once Breached Password Detection is successfully configured, the following circumstances will result in a failed sign-in attempt:

1. Create a user from the Dashboard (or Mgmt. API) with a breached password.

If a user is created with a breached password, the user will not have the ability to log into the Tenant and will receive the following warning on the Universal Login page:

The user will receive an email with the subject “Please change your password immediately” explaining the reasons for resetting the passwords.

2. The user signs up in the Tenant.

If the user tries to sign up from the Universal Login with a breached password, they will receive the following warning and will be prevented from creating their account:

3. Password reset.

​​​​​​​If the user changes their passwords, or the Tenant Admin changes it from the Dashboard, the password change will succeed, but login attempts using the password will fail with the first error.

​​​​​​​Related Resources

• Breached Password Detection