check before: 2025-11-01
Product:
Defender, Defender for Identity, Defender XDR, Entra
Platform:
Online, US Instances, World tenant
Status:
Change type:
Admin impact, New feature, Updated message
Links:
Details:
Summary:
Microsoft Secure Score will add a new default recommendation from Microsoft Defender for Identity to improve on-premises account security by prompting password changes for potentially leaked credentials. The update rolls out November to December 2025, requires no admin action, and complements a related Microsoft Entra ID cloud account recommendation.
Details:
Updated October 31, 2025: We have updated the content. Thank you for your patience.
Introduction
To help organizations better assess and improve their identity security posture, Microsoft Secure Score is being enhanced with new improvement actions based on Microsoft Defender for Identity recommendations. These updates provide more accurate insights and actionable guidance to strengthen your security configuration.
When this will happen:
Public Preview: Rollout begins early November 2025, completes by mid-December 2025
General Availability (Worldwide, GCC, GCC High, and DoD): Rollout begins early November 2025, completes by mid-December 2025
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
Created:
2025-10-25
updated:
2025-10-31
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
summary for non-techies**
XXXXXXX ... free basic plan only
Direct effects for Operations**
Password Change Requirement
Admins may need to change passwords for on-prem accounts with potentially leaked credentials, leading to potential disruptions in user access if not managed properly.
- roles: IT Admins, Security Officers
- references: https://learn.microsoft.com/microsoft-365/security/mtp/microsoft-secure-score
User Access Disruption
If admins act on the new recommendation without proper communication, users may experience unexpected access issues due to password changes, impacting productivity.
- roles: End Users, IT Support
- references: https://learn.microsoft.com/microsoft-365/security/mtp/microsoft-secure-score
Configutation Options**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
change history
| Date | Property | old | new |
| 2025-10-31 | MC Messages | Updated October 30, 2025: We have updated the content. Thank you for your patience.
Introduction To help organizations better assess and improve their identity security posture, Microsoft Secure Score is being enhanced with new improvement actions based on Microsoft Defender for Identity recommendations. These updates provide more accurate insights and actionable guidance to strengthen your security configuration. When this will happen: Public Preview: Rollout begins early November 2025, completes by mid-December 2025 General Availability (Worldwide, GCC, GCC High, and DoD): Rollout begins early November 2025, completes by mid-December 2025 | Updated October 31, 2025: We have updated the content. Thank you for your patience.
Introduction To help organizations better assess and improve their identity security posture, Microsoft Secure Score is being enhanced with new improvement actions based on Microsoft Defender for Identity recommendations. These updates provide more accurate insights and actionable guidance to strengthen your security configuration. When this will happen: Public Preview: Rollout begins early November 2025, completes by mid-December 2025 General Availability (Worldwide, GCC, GCC High, and DoD): Rollout begins early November 2025, completes by mid-December 2025 |
| 2025-10-31 | MC How Affect | Who is affected: Admins managing Microsoft Secure Score and organizations with Microsoft Defender for Identity sensors deployed.
What will happen: New posture recommendation will appear in Microsoft Secure Score as improvement actions: Change password for on-prem accounts with potentially leaked credentials This recommendation is visible only if your tenant has a Defender for Identity sensor deployed. The update is enabled by default and requires no configuration changes. No impact to end-user workflow unless acted upon by the admin. What you can do to prepare: No admin action is required before or after rollout. Review your current identity configuration to assess potential impact. Notify relevant administrators and update internal documentation as needed. Regularly review Microsoft Secure Score to monitor and act on new improvement suggestions. Learn more: Microsoft Secure Score Compliance considerations: No compliance considerations identified, review as appropriate for your organization. | Who is affected: Admins managing Microsoft Secure Score and organizations with Microsoft Defender for Identity sensors deployed.
What will happen: New posture recommendation will appear in Microsoft Secure Score as improvement actions: Change password for on-prem accounts with potentially leaked credentials This recommendation is visible only if your tenant has a Defender for Identity sensor deployed. The update is enabled by default and requires no configuration changes. No impact to end-user workflow unless acted upon by the admin. Please be aware of a related Microsoft Entra ID recommendation that is recently released, titled: "Change password for accounts with leaked credentials". The Microsoft Entra ID recommendation is focused on cloud-based user accounts, whereas the Microsoft Defender for Identity recommendation targets on-prem user accounts. What you can do to prepare: No admin action is required before or after rollout. Review your current identity configuration to assess potential impact. Notify relevant administrators and update internal documentation as needed. Regularly review Microsoft Secure Score to monitor and act on new improvement suggestions. Learn more: Microsoft Secure Score Compliance considerations: No compliance considerations identified, review as appropriate for your organization. |
| 2025-10-31 | MC Last Updated | 10/30/2025 18:42:23 | 2025-10-31T17:54:17Z |
| 2025-10-31 | MC Summary | Microsoft Secure Score will add a new improvement action from Microsoft Defender for Identity to recommend changing passwords for on-prem accounts with potentially leaked credentials. The update rolls out November to December 2025, is enabled by default, requires no admin action, and affects only tenants with Defender for Identity sensors. | Microsoft Secure Score will add a new default recommendation from Microsoft Defender for Identity to improve on-premises account security by prompting password changes for potentially leaked credentials. The update rolls out November to December 2025, requires no admin action, and complements a related Microsoft Entra ID cloud account recommendation. |
| 2025-10-30 | MC MessageTagNames | New feature, Admin impact | Updated message, New feature, Admin impact |
| 2025-10-30 | MC Summary | Microsoft Secure Score will add a new improvement action from Microsoft Defender for Identity to prompt password changes for accounts with potentially leaked credentials. Rolling out November to December 2025, it requires no admin action and appears only if Defender for Identity sensors are deployed. | Microsoft Secure Score will add a new improvement action from Microsoft Defender for Identity to recommend changing passwords for on-prem accounts with potentially leaked credentials. The update rolls out November to December 2025, is enabled by default, requires no admin action, and affects only tenants with Defender for Identity sensors. |
| 2025-10-30 | MC Last Updated | 10/25/2025 00:09:48 | 2025-10-30T18:42:23Z |
| 2025-10-30 | MC Messages | Introduction
To help organizations better assess and improve their identity security posture, Microsoft Secure Score is being enhanced with new improvement actions based on Microsoft Defender for Identity recommendations. These updates provide more accurate insights and actionable guidance to strengthen your security configuration. When this will happen: Public Preview: Rollout begins early November 2025, completes by mid-December 2025 General Availability (Worldwide, GCC, GCC High, and DoD): Rollout begins early November 2025, completes by mid-December 2025 | Updated October 30, 2025: We have updated the content. Thank you for your patience.
Introduction To help organizations better assess and improve their identity security posture, Microsoft Secure Score is being enhanced with new improvement actions based on Microsoft Defender for Identity recommendations. These updates provide more accurate insights and actionable guidance to strengthen your security configuration. When this will happen: Public Preview: Rollout begins early November 2025, completes by mid-December 2025 General Availability (Worldwide, GCC, GCC High, and DoD): Rollout begins early November 2025, completes by mid-December 2025 |
| 2025-10-30 | MC Title | Microsoft Defender for Identity: New recommendation added to Microsoft Secure Score | (Updated) Microsoft Defender for Identity: New recommendation added to Microsoft Secure Score |
| 2025-10-30 | MC How Affect | Who is affected: Admins managing Microsoft Secure Score and organizations with Microsoft Defender for Identity sensors deployed.
What will happen: A new improvement action will appear in Microsoft Secure Score: Change password for accounts with potentially leaked credentials This recommendation is visible only if your tenant has a Defender for Identity sensor deployed. The update is enabled by default and requires no configuration changes. No impact to end-user workflow unless acted upon by the admin. What you can do to prepare: No admin action is required before or after rollout. Review your current identity configuration to assess potential impact. Notify relevant administrators and update internal documentation as needed. Regularly review Microsoft Secure Score to monitor and act on new improvement suggestions. Learn more: Microsoft Secure Score Compliance considerations: No compliance considerations identified, review as appropriate for your organization. | Who is affected: Admins managing Microsoft Secure Score and organizations with Microsoft Defender for Identity sensors deployed.
What will happen: New posture recommendation will appear in Microsoft Secure Score as improvement actions: Change password for on-prem accounts with potentially leaked credentials This recommendation is visible only if your tenant has a Defender for Identity sensor deployed. The update is enabled by default and requires no configuration changes. No impact to end-user workflow unless acted upon by the admin. What you can do to prepare: No admin action is required before or after rollout. Review your current identity configuration to assess potential impact. Notify relevant administrators and update internal documentation as needed. Regularly review Microsoft Secure Score to monitor and act on new improvement suggestions. Learn more: Microsoft Secure Score Compliance considerations: No compliance considerations identified, review as appropriate for your organization. |
Last updated 6 days ago
