SafeID Frequently Asked Questions

SafeID FAQ

What is SafeID?

SafeID is a fee-based feature that automatically scans selected user accounts against a database of breached credentials and alerts administrators when compromised users are found.

What is a Compromised User?

Compromised users are RapidIdentity users whose email and password have been publicly exposed either because of a data breach in an external system or via a phishing attack or malware.

How often are Accounts Scanned?

Selected user accounts are scanned weekly beginning at a random time after 17:00 hours every Friday. Accounts are scanned in groups. When compromised credentials are detected in a group, the idautoPersonSafeIdCompromisedDate attribute is set on the associated user account to indicate that the account's email and password have been matched in a data breach. Compromised accounts appear in the Compromised Accounts delegation as soon as the idautoPersonSafeIdCompromisedDate attribute is set.

How does a Compromised Account become Not Compromised?

As soon as the password of a Compromised Account is changed, either by the user themself or by a delegated password reset, the idautoPersonSafeIdCompromisedDate attribute is set to null and the user account no longer apears in the Compromised Accounts delegation.

What Prevents a User from Choosing another Compromised Password?

When SafeID is enabled, the password reset process checks to see if the chosen password matches a previously breached password for the same account and instructs the user to choose a different password when there is a match.