cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How to use confirm sign in compromised/safe

dfoster303
Copper Contributor

‎Feb 28 2023 08:29 AM

‎Feb 28 2023 08:29 AM

How to use confirm sign in compromised/safe

It's really unclear how I should use these options in most typical circumstances. For instance, someone attempted to login as one of our users, from another state. It wasn't the user, but the login was not successful due to MFA. So, the login wasn't technically compromised - the threat actor did not gain access to our tenant. But it wasn't "Safe" either - it was not initiated by an authorized user. Unless it was safe because it wasn't compromised? This is confusing!

 

I cannot simply dismiss the instance; I must choose compromised or safe. So, which is it?

419 Views
0 Likes
1 Reply
Reply
1 Reply
CalumNC

‎Nov 30 2023 07:09 AM

‎Nov 30 2023 07:09 AM

Re: How to use confirm sign in compromised/safe

Did you figure this out in the end?

I'm in the same situation... The risky sign-in had failed, so there was no breach, but it wasn't a legit sign-in either.
0 Likes
Reply