Breached Password Detection Triggers and Actions


A trigger occurs when Auth0 suspects that a specific user's credentials were included in a major public security breach.


  • Send an email to the affected user.
  • Send an email to dashboard owners immediately, and/or have a daily/weekly/monthly summary.
  • Block login attempts for suspected user accounts using that username and password combination.

Remove block

This block remains in place until the user changes their password.

Keep reading