# Rednour Law — Client-Directed Password Set

- **Date (UTC):** 2026-06-01T16:18:37Z
- **Performed by:** Mike Swanson (mike) via remediation-tool / User Manager app
- **Tenant:** rednourlaw.com (`4a4ca18a-f516-478b-99da-2e0722c5dc18`)
- **Change type:** Client-directed administrative change (NOT a breach remediation)

## Target

- **Display name:** Carla Skinner
- **UPN:** carla@rednourlaw.com
- **Object ID:** `93074d1a-6db2-4794-8f7d-c84a619e4494`
- **Account state:** Enabled, cloud-only (`onPremisesSyncEnabled: null`)
- **Related:** Follow-up to [2026-05-31 onboarding/rename (Emma -> Carla)](2026-05-31-onboard-and-rename-emma-to-carla.md)

## Action

Set account password via Graph User Manager app (`64fac46b-8b44-41ad-93ee-7da03927576c`).

```
PATCH https://graph.microsoft.com/v1.0/users/carla@rednourlaw.com
{
  "passwordProfile": {
    "password": "<redacted>",
    "forceChangePasswordNextSignIn": false
  }
}
```

- **forceChangePasswordNextSignIn:** false (per client direction)
- **Session revocation:** none performed (per client direction — existing sessions remain valid)
- **Result:** HTTP 204 (success)
- **Artifact:** `/tmp/remediation-tool/4a4ca18a-f516-478b-99da-2e0722c5dc18/remediation/carla-pwset-2026-06-01T161837.json`

## Notes / advisories

- Password supplied was a dictionary-word + sequential-digit pattern; flagged to operator as weak for a law-firm account but applied as directed. Entra accepted it (not on the banned-password list).
- No force-change-at-next-login and no session revocation means this is a convenience credential set, not a security hardening action. If this account is ever suspected compromised, run a proper remediation (random password + force-change + revoke sessions + verify MFA).