CyberArk Software Ltd.
Detecting and preventing unauthorized credential change

Abstract:

Techniques include securely maintaining data associated with a plurality of authentication credentials; generating, as a function of the data associated with a selected group of the plurality of authentication credentials, a secret data element; making available, the secret data element, to be embedded in a first authentication credential; identifying an attempt to change the first authentication credential, the attempt including new authentication credential data to replace data in the first authentication credential; validating, conditional on whether the new authentication credential data includes the secret data element, the new authentication credential data; and determining, based on the validating, whether to perform a control action based on the new authentication credential data.