To make it easier for organizations to meet all GDPR requirements, more actions are now getting logged in the Authentication Log.
The additional actions that cause a log entry to get added are:
- When someone requests access instructions via “Need help signing in?”
- When someone requests access instructions by submitting an email address that cannot be found
- When a password is changed
- When an incorrect password was entered while attempting to change a password
- When an API token is reset
The Authentication Log view is available to administrators in the ‘System Logs’ section of the Settings console.