IEM Credential Browser

5 min

iem credentials browser viewing credentials the credential browser shows the associated leaked credentials from the dark web each credential is shown as an individual entry showing the same identities multiple times with different passwords this page is the jumping off point for credential validation, remediation actions, and the identity profile validation & remediation each row has the idp credential status this column shows the results of the idp password validation attempt if a password comes back true other entries for that identity will be marked as false for an identity press validate to confirm the password if it is returned true, flare will offer the remediation options if false, nothing will happen automated validation and remediation can be set up in the integrations hub alternatively pressing on an identity presents the validation option within the overview tab metrics overview unique/total credentials show the credential count that flare has found remediated credentials are credentials where a user has selected the remediated button password validation attempts this is the total number of password validation attempts flare has performed against the idp for a detailed list of these select the integration in the integration hub and press audit logs valid passwords this field is the count of confirmed passwords from password validation credentials mitigated via idp shows the count of identities that have had remediation actions performed via the idp for more information check out the credential browser page https //docs flare io/credentials browser idp status values the following table highlights the associated status values with the idp status column idp status meaning considerations valid password is valid remediate the exposure invalid password is invalid no action needed not found user is not a member of the domain throttled the password validation daily limit has been reached wait until tomorrow to validate the user again mitigated the identity has been mitigated with your selected remediation action unknown an unknown error has occurred please contact flare failed an error has occurred preventing validation check the idp integration for errors bulk password validation flare offers the ability to select multiple credentials and validate them automatically go to configure go to integration hub select the associated idp within the integration evaluate the "maximum daily password attempts per identity this value should correspond with your company's smart lockout policy it is recommended to make this half the value of your lockout policy this will limit each identity to the associated number of validation attempts to prevent account lockouts within the credential browser check on the credentials you want to validate a validate button will appear press the button to validate the associated credentials it is recommend to filter credentials that have not been validated by pressing the filter button to queue up passwords to validate please note the following considerations when utilizing this feature if a credential has been validated it will not be re evaluated if an identity reaches its password attempt limit it will not be able to validate anymore credentials until the next day the status will show as throttled password validation attempts are capped at 1000 passwords per use if an identity is not apart of your domain, the status will change to not found password validation attempts can be viewed within the integration hub > audit log within the idp sign in logs flare validation attempts will have the following user agent flare systems credentialvalidation/1 0