For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
HUMAN DashboardHUMAN WebsiteRequest a Demo
Product GuidesEnforcer GuidesMobile SDKAPI ReferenceCustomer support
Product GuidesEnforcer GuidesMobile SDKAPI ReferenceCustomer support
  • Getting Started
    • Overview
    • Best practices
  • Sightline Cyberfraud Defense
    • About Sightline Cyberfraud Defense
    • Getting Started
    • What's different in Sightline Cyberfraud Defense
    • Sensor changelog
    • About the Overview Dashboard
    • Glossary
  • AgenticTrust
    • Getting started with AgenticTrust
    • AI Agents Monitoring Dashboard
    • AI Visitors Overview Dashboard
    • Manage AI Agent Permissions
    • Agentic Activity Priority
    • Agent Trust Levels
  • Account Defender
    • Account Defender Overview
    • Use Cases
    • Prerequisites
    • Getting Started with Account Defender
    • Optimizing Account Defender Detection
    • Validating Account Defender Integration
    • Risk Triggers
    • About Network Events
    • Troubleshooting
  • Bot Defender
    • Bot Defender Overview
    • Detection
    • Bot Defender Policy Settings
    • Footprint
  • Credential Intelligence
    • Credential Intelligence Overview
    • How to Access the Breached Flag
      • Getting Started with Credential Intelligence
      • Top Questions During Onboarding
      • Top Questions Post-Onboarding
    • Credential Intelligence FAQ
    • Credential Intelligence Dashboard
  • Code Defender
    • Code Defender Introduction
    • Getting Started with Code Defender
    • Code Defender Glossary
    • Website Risk Analyzer
  • Platform
    • Account settings
    • Manage users
    • Role permissions
    • Enforcer configurations
    • Page Type Mapping
  • Client-Side Integration
    • JavaScript tag
    • Improving first page performance
    • Use of cookies & web storage
    • Advanced client integration
LogoLogo
Login
Login
HUMAN DashboardHUMAN WebsiteRequest a Demo
On this page
  • What is the best practice when an account is about to be accessed?
  • Is there an option to query out-of-band credentials against the collection?
Credential IntelligenceGetting Started with Credential Intelligence

Top Questions Post-Onboarding

Was this page helpful?
Previous

Credentials Intelligence: Enforcer Integration Guidelines

Next
Built with

What is the best practice when an account is about to be accessed?

  • Our official recommendation is to implement an inline reset password operation based on the flagging we provide (a header with a breached response when a login attempt is made).
  • This option allows for an account to no longer be vulnerable and reduces the attack surface.
  • This option also takes the only resource that attackers have in credential stuffing attacks and removes it, thus, is able to render attacks with zero success rate for the long run.
  • There are other ways to protect against ATO which can also include hardening certain actions within the account, obfuscating sensitive information, and introducing additional authentication methods for checkout/other sensitive actions.

Is there an option to query out-of-band credentials against the collection?

Yes, using our Risk API, [contact us] for more information.