Netskope Help

Compromised Credentials

Most users never change their passwords and use the same password in several applications. When unsanctioned apps are hacked, the compromised accounts in these apps can expose accounts in your sanctioned apps. The Netskope Compromised Credentials dashboard informs you about known compromised credentials for the accounts used by your employees.

You can use the Compromised Credentials page to build awareness around the number of compromised credentials in your company. If you have risk officers, they can use this information to assess the need for SSO and 2-factor authentication in sanctioned cloud apps. With this feature, you can automatically reset a user's AD accounts when their accounts are compromised in a data breach. Passwords are never checked. To access the Compromised Credentials page, go to Incidents > Compromised Credentials.


Use the Compromised Credentials page to view:

  • Total number of users with compromised credentials. Click the link here to view and edit the domains tracked.

  • Total number of domain users.

  • Total number of non-domain users. Click the link here to upload a file with user names.

  • Compromised user's email address.

  • Data source.

  • Source of info.

  • Date compromised.

  • Timestamp of when it was detected.

You can customize the information shown by clicking +Add Filter and selecting specific types of information, plus switch between all acknowledged compromised credentials or just the unacknowledged ones.

Click on a user's email address to go to the SkopeIT page for more details. To export the Compromised Credentials page information to a spreadsheet, click Export and choose the desired options. To remove one or more of the compromised credentials, enable the checkbox next to an item and click Acknowledge, or click Acknowledge All.