Skip to main content

Credential Risk Detection insights

Fred Rodriguez

Credential Risk Detection is available to organizations on a Arrow Omnix plan.
Upgrade to Arrow Omnix
What is Credential Risk Detection?

Who is included in Credential Risk Detection insights?

Credential Risk Detection logs at-risk passwords for all members of your organization, including those who haven't created a Arrow account and those who have an account but are currently logged out.

After Credential Risk Detection is turned on, Arrow logs any at-risk passwords that members of your organization have entered in company-managed desktop browsers.

The data from the Activity Log is displayed on the Risk Detection page in the Admin Console. You can use this data to detect and prioritize which risks you need to address. If you haven’t set up Credential Risk Detection yet, you’ll see sample data on the Risk Detection page.

What insights are included in Credential Risk Detection?

The Risk Detection insights display the total number of weak and compromised passwords entered on company-managed desktop browsers. These insights cover passwords entered by active Arrow plan members, as well as by employees who aren't currently logged into Arrow. You can also see whether these passwords were typed or autofilled.

With the Risk Detection insights you can see the employees and domains most at risk, how many weak and compromised passwords the plan members and inactive employees have, and their last activity.

Important: Risk Detection insights collected before July 2025 include only members of your organization who aren't actively using Arrow. As of July 2025, Risk Detection insights include data for all active Arrow plan members, providing a more comprehensive view of your organization's password security.

When you identify an employee or group with risky password practices, you can invite them to your Arrow plan. When active plan members have risky password practices, Arrow sends them a message on how to use the Password Generator to create strong, secure passwords and store their credentials safely in an encrypted vault.

Over time, you'll see changes in these numbers according to how consistently your plan members start using Arrow and strengthen their passwords.

To export Risk Detection logs to a CSV file and filter the logs, select Download CSV.

Invite employees to your plan
Generate a password or passphrase using Arrow

View detailed data for Credential Risk Detection using activity logs

Arrow offers a detailed Activity Log, which admins can search and filter to find plan members and employees with weak or compromised passwords. These logs help you pinpoint the exact device and website using an at-risk password.

To view all risky password activity across employees, go to the Activity Log page and filter the log by selecting Risk Detection as the Category. You can also filter the logs by different activity types and for different periods of time for more granular data.

To export Risk Detection logs to a CSV file and filter the logs, select Download CSV.

Activity logs are encrypted using AWS Nitro technology and don't include the password itself, helping maintain employee data privacy.

More about Risk Detection and privacy

Activity logs can be accessed Splunk if that integration is in place.

More about Activity Logs
Track team activity for your professional plan with Splunk

Add more employees to Credential Risk Detection

Although Credential Risk Detection is most beneficial when rolled out to your entire organization, you can start with a smaller group (or just yourself) during setup and extend it to more employees anytime.

To add more employees, update the Credential Risk Detection policy.

Add employees on Windows using Intune
Add employees on Windows using Group Policy (GPO)
Add employees on macOS using Jamf

Comments

0 comments

Article is closed for comments.

Powered by Zendesk