You deal with phishing attacks and malware every day, and the news is littered with articles on systems which are breached and have leaked username/password pairs. In aggregate, 10s of millions of credentials are exposed every month. Bad actors collect, sell, and share large lists of user account credentials from these breaches. Because 3 out of 4 users re-use credentials across multiple sites, there's a good chance that your users' credentials are in those lists.
As part of running our consumer and enterprise identity systems, Microsoft discovers account credentials posted publically and we are making this information available to you so you can protect your enterprise when your users' account credentials are at risk.
Today we're pleased to announce that this report is in preview for Azure AD Premium customers in the Azure management portal. The report surfaces any matches between these leaked credentials list and your tenant. You can go to the Azure management portal, select your Active Directory instance and look under your tenant's reports for "Users with leaked credentials."
The report shows you the users we've found and when we discovered the leaked credentials. To mitigate the security risk, we recommend you to enable Multi-Factor Authentication or reset the password for the accounts listed.
Multi-Factor Authentication can help mitigate the impact of leaked passwords by adding a layer of security to passwords. Multi-Factor Authentication not just provides additional security but it prepares you for recovery. To get started with Multi-Factor Authentication, check out this walkthrough video. If you're familiar with Multi-Factor Authentication, go here to enable your users for it.