
Potential password in username

Splunk Security Content

Summary
This analytic identifies instances where users may have erroneously typed their password into the username field during an authentication attempt. It works on failed authentication events, filtering for usernames that exceed 7 characters in length and exhibit high Shannon entropy, the randomness and character mix typical of a password rather than an account name. The detection triggers when a failed authentication with such a username is followed by a successful authentication from the same source to the same destination. This pattern indicates a potential password exposure: the credential has been written into authentication logs as a username, where it is visible to anyone with log access. If the scenario is confirmed as malicious, it could allow unauthorized access, resulting in data breaches or further compromise of network systems. Analysts should be mindful of false positives caused by legitimately high-entropy usernames or by shared systems where multiple users authenticate from the same source.
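The following Python script is an added example of the detection logic described above; it is not the Splunk content itself and reproduces the search's rules rather than its SPL. The event layout (`action`, `user`, `src`, `dest`, `_time`), the entropy threshold of 3.5 bits, and the one-hour correlation window are assumptions chosen for illustration, and the events are constructed sample data. The detected username is masked in the finding because that field may contain a real credential.

```python
import math
from collections import Counter
from datetime import datetime

# Constructed sample authentication events (not taken from the page).
# The second event models a password typed into the username field; the
# "svc_backup" failure is a long but low-entropy service account name, and
# the "Gh3$tW8zQn5e" failure has no later success to the same destination.
SAMPLE_EVENTS = [
    {"_time": "2024-11-13T08:00:01", "action": "failure", "user": "bob",
     "src": "10.0.0.5", "dest": "srv01"},
    {"_time": "2024-11-13T08:00:05", "action": "failure", "user": "Xk9#pL2qVb7m!",
     "src": "10.0.0.5", "dest": "srv01"},
    {"_time": "2024-11-13T08:00:20", "action": "success", "user": "bob",
     "src": "10.0.0.5", "dest": "srv01"},
    {"_time": "2024-11-13T09:00:00", "action": "failure", "user": "svc_backup",
     "src": "10.0.0.9", "dest": "srv02"},
    {"_time": "2024-11-13T09:00:03", "action": "failure", "user": "Gh3$tW8zQn5e",
     "src": "10.0.0.9", "dest": "srv03"},
    {"_time": "2024-11-13T09:00:10", "action": "success", "user": "alice",
     "src": "10.0.0.9", "dest": "srv02"},
]

# Assumed tuning values for this example (the page gives only "exceeds 7
# characters" and "high Shannon entropy"; the threshold and window are ours).
MIN_LENGTH = 8            # usernames longer than 7 characters
ENTROPY_THRESHOLD = 3.5   # bits per character; assumed cut-off for "high"
WINDOW_SECONDS = 3600     # how long after the failure a success may follow


def shannon_entropy(s):
    """Shannon entropy in bits per character of the string s."""
    if not s:
        return 0.0
    counts = Counter(s)
    n = len(s)
    return -sum((c / n) * math.log2(c / n) for c in counts.values())


def _mask(user):
    """Keep two leading characters so an analyst can recognise the entry
    without the suspected password being copied into the alert."""
    return user[:2] + "*" * (len(user) - 2)


def find_password_in_username(events, min_length=MIN_LENGTH,
                              entropy_threshold=ENTROPY_THRESHOLD,
                              window_seconds=WINDOW_SECONDS):
    """Return findings for failed logins whose username looks like a password
    and that are followed, within the window, by a successful login from the
    same src to the same dest (the successful username may differ)."""
    events = sorted(events, key=lambda e: e["_time"])
    findings = []
    for i, ev in enumerate(events):
        if ev["action"] != "failure":
            continue
        user = ev["user"]
        entropy = shannon_entropy(user)
        if len(user) < min_length or entropy < entropy_threshold:
            continue
        t_fail = datetime.fromisoformat(ev["_time"])
        for later in events[i + 1:]:
            dt = (datetime.fromisoformat(later["_time"]) - t_fail).total_seconds()
            if dt > window_seconds:
                break  # events are sorted, so nothing further can match
            if (later["action"] == "success" and later["src"] == ev["src"]
                    and later["dest"] == ev["dest"]):
                findings.append({
                    "failure_time": ev["_time"],
                    "success_time": later["_time"],
                    "src": ev["src"],
                    "dest": ev["dest"],
                    "user_masked": _mask(user),
                    "user_length": len(user),
                    "user_entropy": round(entropy, 2),
                    "successful_user": later["user"],
                })
                break
    return findings


if __name__ == "__main__":
    for finding in find_password_in_username(SAMPLE_EVENTS):
        print(finding)
```

Run against the sample data, only the `10.0.0.5 -> srv01` pair is reported: the high-entropy failure is followed fifteen seconds later by `bob` succeeding from the same source. `svc_backup` is long enough but its entropy (about 3.1 bits) falls under the threshold, and `Gh3$tW8zQn5e` is never followed by a success to `srv03`. The two tuning constants are where false positives are controlled: raise the threshold or shorten the window if an environment has unusually random account names or busy shared jump hosts.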
Categories
  • Endpoint
Data Sources
  • User Account
  • Application Log
ATT&CK Techniques
  • T1078.003
  • T1552.001
Created: 2024-11-13