What you’re seeing is expected behavior in many password management and security auditing systems. When multiple accounts use the same credentials — even across different corporate or SSO-integrated sites — they may still be flagged as “Identical Passwords” because the system detects password reuse rather than the authentication method behind it.

For SSO-based applications:

- The sites may rely on a central identity provider (such as Azure AD, Okta, ADFS, etc.)
- Even though they are different portals, the same corporate credentials are being used
- As a result, the password audit identifies them as duplicates

At the moment, there may not be a built-in option to automatically merge or exclude SSO-related entries from the “Identical Passwords” category.

However, your suggestion about:

- an SSO-specific toggle,
- grouping linked SSO accounts, or
- excluding federated logins from duplicate-password detection

is a very valid enhancement idea and could improve reporting accuracy and reduce false-positive alerts.

As a workaround, you may:

- verify whether the affected entries are indeed federated/SSO accounts,
- exclude them during manual review, or
- categorize them separately if your platform supports tagging or custom grouping.
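
One way to script the manual-review workaround above, as an added example that is not part of the original reply or any product's own code: it groups entries by password the way a duplicate audit does, then sets aside only the groups where every entry is the same login at the same identity provider. The record fields (`title`, `username`, `password`, `idp`) are a hypothetical export layout, `idp` is a tag you maintain yourself, and the sample entries are constructed.

```python
import hashlib
import hmac
from collections import defaultdict

# Constructed sample export; field names are assumptions, not a real product schema.
ENTRIES = [
    {"title": "HR portal", "username": "jdoe@corp.example", "password": "Corp-Pass-1!", "idp": "azuread"},
    {"title": "Expenses", "username": "JDoe@corp.example", "password": "Corp-Pass-1!", "idp": "azuread"},
    {"title": "Payroll", "username": "jdoe@corp.example", "password": "Okta-Pass-2#", "idp": "okta"},
    {"title": "Wiki", "username": "jdoe@corp.example", "password": "Okta-Pass-2#", "idp": "okta"},
    {"title": "Vendor forum", "username": "jdoe", "password": "Okta-Pass-2#", "idp": None},
    {"title": "Mail", "username": "jdoe", "password": "Unique-Pass-3$", "idp": None},
]

def fingerprint(password, key):
    # Keyed digest so plaintext passwords never become dict keys or report output.
    return hmac.new(key, password.encode("utf-8"), hashlib.sha256).hexdigest()

def classify_duplicates(entries, key=b"constructed-demo-key"):
    """Split identical-password groups into expected SSO overlap and real reuse."""
    groups = defaultdict(list)
    for entry in entries:
        groups[fingerprint(entry["password"], key)].append(entry)

    report = {"federated": [], "reuse": []}
    for members in groups.values():
        if len(members) < 2:
            continue  # unique password, nothing to report
        # One (idp, username) pair across the group means one federated credential.
        identities = {(e["idp"], e["username"].lower()) for e in members}
        federated = len(identities) == 1 and members[0]["idp"] is not None
        titles = sorted(e["title"] for e in members)
        # A single untagged or differently tagged member keeps the group flagged.
        report["federated" if federated else "reuse"].append(titles)
    return report

if __name__ == "__main__":
    for category, found in classify_duplicates(ENTRIES).items():
        print(category, found)
```

The "Vendor forum" entry keeps its whole group in the reuse list, because a corporate password copied to a site outside the identity provider is exactly the case the audit exists to catch.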