The Credential Browser shows the associated leaked credentials from the Dark Web. Each credential is shown as an individual entry showing the same identities multiple times with different passwords. This page is the jumping off point for credential validation, remediation actions, and the Identity Profile. 

Each row has the IdP Credential Status. This column shows the results of the IdP password validation attempt. If a password comes back true other entries for that Identity will be marked as false. 

For an Identity press validate to confirm the password. If it is returned true, Flare will offer the remediation options. If false, nothing will happen. 

Automated Validation and Remediation can be set up in the Integrations hub. 

Alternatively pressing on an Identity presents the validation option within the Overview tab. 

Unique/Total - credentials show the credential count that Flare has found

Remediated credentials - are credentials where a user has selected the remediated button 

Password validation attempts - this is the total number of password validation attempts Flare has performed against the IdP. For a detailed list of these select the integration in the Integration Hub and press Audit Logs

Valid Passwords - this field is the count of confirmed passwords from password validation 

Credentials Mitigated via IdP - shows the count of Identities that have had remediation actions performed via the IdP 

For more information check out the Credential Browser 

IEM Entra ID Setup

IEM Credential Browser

Identity Profile

Flare

docs.flare.io

Welcome to Flare!

What We Are Working On

2025 Releases

2024 Releases

2026 Releases

Get Started

Unresolved Events

Event Trends

Event Explorer

Identifier Trends

Dashboard

Respond to Leaked Credentials Events

Respond to Open Web Events

Respond to Look-alike Domains Events

Respond to .ph Domain Alerts

Respond to Illicit Networks Events

Playbooks

Flare Executive and VIP Monitoring

GUIDES

Search in Existing Data

Understand Event Severity

Open Ports

Events

Email Alerts

Alert Central

Configure Identifiers

Configure Identifiers - Advanced

Identifiers - Listing Subdomains

Rate-limiting of identifier event feeds

Identifiers

Collection Overview

Telegram Channels

Named Breaches

Collection Data Categories

Collection

Scheduled Reports

Reports Migration FAQ

Reports

Global Search - Quota

Global Search

Use Cases

Credentials Browser

IEM FAQ

Identity Exposure Management Overview

Intel

Conversation Explorer

Saved Queries

Threat Flow

Network

Actor Intelligence

Forum Thread Intelligence

Supply Chain Ransomware Exposure Monitoring

Takedown Services

Actions

Flare Account and Session Takeover Prevention

Sandbox

CORE FEATURES

Tenants

Team

Roles & Permissions

Profile

Integrations Hub

SSO and Authentication

Policies

Pre-Sales Tenants

Untitled

Azure Sentinel Integration

Azure Sentinel Integration (Legacy)

Discord

Jira

Microsoft Entra ID

ServiceNow

Slack

Splunk App

Microsoft Teams

Webhooks

Integrations

Illicit Networks

Source Code Secret Detection

Open Web

Leaked Credentials

Look-alike Domains

Emerging Sources

DATA SOURCES

Product Specifications

Fraudster Jargon

Data Fields

Queries

Event Date Fields

Asset Relations

REFERENCES

RESEARCH CENTER