- Unchanged passwords may have been shared, stored insecurely, or become predictable over time, making them easier to compromise.
- Older passwords are more likely to appear in data breach lists, exposing organizations to credential stuffing and brute force attacks.
- Many regulatory standards such as PCI-DSS and HIPAA require regular password rotation. Stale passwords can lead to compliance violations and penalties.
- Stale passwords are common on old, unused accounts. If these accounts go unmonitored, they become a security gap attackers can exploit without detection.
Supported applications
- Okta
- Microsoft
- AWS Management Plane
Support for additional applications is in progress.
How to assess password hygiene
1
Navigate to Account Analytics
Go to Governance → Account Analytics.
2
Apply the LastPasswordChanged filter
Select the LastPasswordChanged filter. Choose whether to filter by passwords not changed before or after a given period. Available options are:
- 30 days ago
- 60 days ago
- 90 days ago
- 1 year

3
View the last password change timestamp
Select a user to open their side panel and view the exact last password change timestamp.


