Detecting Use of Passwords that Appear in a Repository of Breached Credentials

摘要

Provided is a process that includes: obtaining with a distributed application comprising an identity management system, a first password; comparing with the distributed application, the first password to a set of compromised credentials within a database external to the network-accessible resource; receiving one or more passwords that match the first password based on the comparison; determining with the distributed application whether the one or more passwords satisfy a criterion; and in response to the determination that the one or more passwords satisfy the criterion, causing the first user associated with a first account and the first password to be notified that the first password has been compromised.