cancel
Showing results for 
Search instead for 
Did you mean: 
jdpitt
New Contributor

Security dashboard group and ignore reused passwords

In my security dashboard, there are a bunch of reused password alerts.  While the sites technically reuse the password, they really don't.  These are all work related sites and they all dial back to an Identity Management system that authorizes use on other sites.  This would be similar to sites that use your Google account to log in instead of using a separate account.  One server with one set of credentials that authorize my account on many sites.

 

In these instances, it is not possible to have a separate password for each.  Is there a way to group the sites and disable the alert?  It is non-useful information in the report and it clutters up other sites that might actually be an issue.

1 REPLY 1
RKR
New Contributor

Re: Security dashboard group and ignore reused passwords

I have a similar problem. My online Library service has three different websites to access different parts of the service, but they all REQUIRE the same username and password to be used across all three sites as one user - the second and third websites do not accept separate unique user registrations, as they may only be used by people who have registered and confirmed their identity on the first website. This means I will always get warned about password reuse, which makes it less likely for me to spot any useful security flags.