Skip to main content
Identify accounts with stale passwords across your connected applications so you can enforce good password hygiene, reduce breach exposure, and meet compliance requirements. Oleria surfaces last password change data for your on-premises and cloud identity providers (IAMs) and SaaS applications, making it easy to find and act on accounts that haven’t rotated credentials in a defined period. Passwords that have not been changed for an extended period present several risks:
  • Unchanged passwords may have been shared, stored insecurely, or become predictable over time, making them easier to compromise.
  • Older passwords are more likely to appear in data breach lists, exposing organizations to credential stuffing and brute force attacks.
  • Many regulatory standards such as PCI-DSS and HIPAA require regular password rotation. Stale passwords can lead to compliance violations and penalties.
  • Stale passwords are common on old, unused accounts. If these accounts go unmonitored, they become a security gap attackers can exploit without detection.

Supported applications

  • Okta
  • Microsoft
  • AWS Management Plane
Support for additional applications is in progress.

How to assess password hygiene

1

Navigate to Account Analytics

Go to GovernanceAccount Analytics.
2

Apply the LastPasswordChanged filter

Select the LastPasswordChanged filter. Choose whether to filter by passwords not changed before or after a given period. Available options are:
  • 30 days ago
  • 60 days ago
  • 90 days ago
  • 1 year
For example, to find all accounts with passwords unchanged for more than 90 days, set the filter to before 90 days ago.
3

View the last password change timestamp

Select a user to open their side panel and view the exact last password change timestamp.

Contact us

For questions, contact us at support@oleria.com.