Snowflake BI User Authentication Changes
Last updated: October 8, 2025
The Snowflake account associated with your Panther instance has a Business Intelligence (BI) user, named PANTHER_BI_USER, that uses basic (username/password) authentication. In light of Snowflake’s recent announcement that it will block username/password authentication by November 2025, you may need to take action to preserve your BI user’s access.
For context, the BI user has read-only access, and was created per your request. BI users are typically used for adding third-party integrations and/or to log in to the Snowflake web interface, Snowsight, to run queries and build visualizations.
To comply with the new Snowflake authentication requirements, there are three possible courses of action, depending on how you’re using the BI user:
If you use the BI user to manually log in to Snowsight, you must enroll in MFA in Snowsight before November 2025 by following the Snowflake Enroll in multi-factor authentication documentation.
Starting in April 2025, if your BI user has not yet been enrolled in MFA, you will be required to enroll in MFA upon your next password-based sign-in to Snowflake.
If you use the BI user to programmatically query Snowflake using a third-party tool that supports RSA key pair authentication, please submit a support ticket to let us know.
We will provide you a new BI service user (
PANTHER_BI_SERVICE_ACCOUNT) that uses RSA key pair authentication.In this case, we'll need to coordinate a credential handoff with you, likely using a 1Password vault link.
If you no longer use the BI user and would like to drop it altogether (perhaps because you’re instead using Panther’s new built-in visualizations via PantherFlow), you do not need to take any action.