Abstract: Provided is a process, including: obtaining a first password to a private computer network; determining, with a credential-monitoring application within the private computer network, whether the first password satisfies one or more criteria by: comparing the first password to a set of compromised credentials within a database within the private computer network; and determining whether the first password matches one or more passwords within the database; and in response to the determination that the first password satisfies the one or more criteria from among the plurality of criteria, causing a use of the first password to access the private computer network to be rejected and causing a first user associated with the first password to be notified to change the first password.

Abstract: Provided is a process including: obtaining, with a domain controller of a private computer network, a set of user-authentication credentials comprising a first username and a first password; querying a distributed credential-monitoring application; receiving query results including one or more passwords associated with the first username; determining that at least some of the one or more passwords in the query results match the obtained first password; and in response to the determination, blocking, with the domain controller, access to a first user account on the private computer network associated with the obtained first username and first password.

Abstract: Provided is a process that includes: obtaining with a distributed application comprising an identity management system, a first password; comparing with the distributed application, the first password to a set of compromised credentials within a database external to the network-accessible resource; receiving one or more passwords that match the first password based on the comparison; determining with the distributed application whether the one or more passwords satisfy a criterion; and in response to the determination that the one or more passwords satisfy the criterion, causing the first user associated with a first account and the first password to be notified that the first password has been compromised.

Abstract: Provided is a process that includes: obtaining, with one or more processors, a set of user-authentication credentials of a plurality of users; accessing, with one or more processors, a repository of breached credentials and determining, with one or more processors, an amount of the obtained set of user-authentication credentials in the repository of breached credentials, wherein the repository includes credentials from a plurality of entities obtained after the entities suffered a breach; and determining, with one or more processors, a score based on the amount of the set of user-authentication credentials in the repository of breached credentials, wherein the score is indicative of effectiveness of cybersecurity practices of the entity and the users associated with the entity.

Abstract: Provided is a process that includes: obtaining, with one or more processors, a query identifying a user identification; retrieving, with one or more processors, via an application programming interface, from a database, one or more passwords associated with one or more user identification entries in the database that matches the user identification in response to the obtained query; determining, with one or more processors, whether the one or more passwords matches a password associated with the user identification; blocking, with one or more processors, access to a user account associated with the user identification and the password when the one or more passwords matches the password associated with the user identification; and notifying, with one or more processors, a user associated with the user account to reset the password when the one or more passwords matches the password associated with the user identification.

Abstract: Provided is a process, including: obtaining a first password to a private computer network; determining, with a credential-monitoring application within the private computer network, whether the first password satisfies one or more criteria by: comparing the first password to a set of compromised credentials within a database within the private computer network; and determining whether the first password matches one or more passwords within the database; and in response to the determination that the first password satisfies the one or more criteria from among the plurality of criteria, causing a use of the first password to access the private computer network to be rejected and causing a first user associated with the first password to be notified to change the first password.

Abstract: Provided is a process including: obtaining, with a domain controller of a private computer network, a set of user-authentication credentials comprising a first username and a first password; querying a distributed credential-monitoring application; receiving query results including one or more passwords associated with the first username; determining that at least some of the one or more passwords in the query results match the obtained first password; and in response to the determination, blocking, with the domain controller, access to a first user account on the private computer network associated with the obtained first username and first password.