Today, we are introducing a new feature for all of our users: password breach detection! Read on to find out how it works and how to enable it for your account.
Protect your users from password leaks
You have seen it again and again: passwords get leaked. Bad security practices, careless users, negligent password storage, reused passwords. All of these play a part in the big leaks. But when they happen, the first thing you need to do is react fast. Changing passwords, blocking access to compromised accounts can make all the difference between a scare and a big problem.
This is why we have developed our password breach detection solution: to allow you and your users to react as quickly as possible.
How it works
Our security team keeps a keen eye on leaks in the wild. We have built a strong database of leaked passwords that gets updated every day. Whenever a user attempts to access his or her account, we first perform a check against our leaked password database. If a leak is suspected, the user is notified and action is taken.
What are the actions taken?
- An e-mail is sent to notify the user of the situation.
- Logins are blocked until the user changes the password.
Of course, you can enable or disable these actions independently in the dashboard.
How to enable it
To enable password breach protection, you only need to toggle an option in the dashboard. It really is as simple as that!
You can also read the docs and learn more about Anomaly Detection.
If you haven't signed-up, do it now! Try Auth0 and password breach protection for free.