# Reviewed Leaked Credentials and Passwords

When Aikido detects a leaked password for one of your domains, you can review and take action directly from the Leaked Passwords page. This ensures compromised credentials are quickly secured and cannot be abused.

## Why review leaked passwords?

* Protect accounts: Prevent attackers from reusing exposed credentials.
* Notify users: Alert affected team members so they can secure their accounts.
* Strengthen security: Enforce resets and add MFA where possible.

## Reviewing a leaked password

1. Go to the Leaked Passwords tab for your domain.<br>

   <figure><img src="/files/ptZcjT1D9JpmGgfY9E4m" alt=""><figcaption></figcaption></figure>
2. Select a password entry with the status Open.
3. Follow the recommended steps in the review dialog:

   <figure><img src="/files/p9ih2mdIa94VvZb2ZUkh" alt=""><figcaption></figcaption></figure>
4. Once actions are completed, click Mark as Reviewed.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.aikido.dev/dast-surface-monitoring/attack-surface-scanning/reviewed-leaked-credentials-and-passwords.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.