Description

Invalidate current password based credentials without disabling a user account. Sometimes known as ‘forced password change’. Helpful in situations when an account could be compromised, but does not have any identifiable information that it has been utilized maliciously.

Techniques

Examples

Invalidate user's password in Azure Active Directory | Story library | Tines

References

Account compromise (Part 1): Breaches are inevitable and early detection is crucial | Tines