Today, we are introducing a new feature for all of our users: password breach detection! Read on to find out how it works and how to enable it for your account.

"Introducing a new feature for all Auth0 users: Password breach detection!"

Protect your users from password leaks

You have seen it again and again: passwords get leaked. Bad security practices, careless users, negligent password storage, reused passwords. All of these play a part in the big leaks. But when they happen, the first thing you need to do is react fast. Changing passwords, blocking access to compromised accounts can make all the difference between a scare and a big problem.

"When password leaks happen, the first thing you need to do is react fast."

This is why we have developed our password breach detection solution: to allow you and your users to react as quickly as possible.

How it works

Our security team keeps a keen eye on leaks in the wild. We have built a strong database of leaked passwords that gets updated every day. Whenever a user attempts to access his or her account, we first perform a check against our leaked password database. If a leak is suspected, the user is notified and action is taken.

What are the actions taken?

  1. An e-mail is sent to notify the user of the situation.
  2. Logins are blocked until the user changes the password.

Of course, you can enable or disable these actions independently in the dashboard.

How to enable it

To enable password breach protection, you only need to toggle an option in the dashboard. It really is as simple as that!

Lock's password leak notification

You can also read the docs and learn more about Anomaly Detection.

If you haven't signed-up, do it now! Try Auth0 and password breach protection for free.