Auth0 badgeAuth0 University

Auth0 Enhanced Security

Auth0 Enhanced Security

  1. Course Catalog
  2. Auth0 Enhanced Security
  3. Auth0 Anomaly Detection
Next up

Auth0 Anomaly Detection

Hello and welcome to another Auth0 video tutorial. My name is Ado and today we will be taking a look at enhanced security through anomaly detection.

Username and password authentication has been around for a very long. It is a well established method for giving users access to protected resources. This method of authentication is everywhere: in banking, ecommerce, education and companies both large and small. In recent years, this method of authentication has proven to be weak for multiple reasons:

Users tend to reuse the same password across multiple services. This means that you can follow all of the security best practices and if a service unrelated to your business becomes compromised and leaks their user accounts, attackers could gain access to your systems. This creates a single point of failure and violates the defense-in-depth concept that aims to provide multiple layers of security and information assurance. Aside from password reuse, users tend to choose weak passwords or even worse write their passwords on a sticky note and leave it on their desk.

To combat this, companies started enforcing various password policies. Your password must be at least eight characters long, with at least one capital letter, one number, and a symbol. Mandatory password changes were also implemented - so users would have to change their password every one to three months for example. Some organizations went even further, preventing the user from using the last 5 or 10 passwords, blacklisting common passwords such as 123456 or letmein or preventing the password from being the users name.

These methods did have the benefit of enforcing better security practices, but they were also anti-user. The user experience greatly suffered which can lead to a decrease in adoption or engagement with a product or service. That’s not good either.

At Auth0, managing identity is of utmost importance. Anomaly detection provides a number of quick wins that don’t hinder the user experience.

I’ve written a simple app here that requires me to login with a username and password. I’ll just login to show you that it works - and then i’ll log out. Right now, this app does not have any enhanced security features enabled. If someone else had my credentials, they could login and impersonate me. Let’s fix that.

Auth0 Anomaly detection provides an extra layer of security to you and your users against various types of attacks and anomalies. The two major features here are brute force protection and breached password detection. Brute force protection, as the name implies, prevents malicious users from trying to brute force their way into a users account. If our system detects too many failed login attempts, we’ll block the attacker and notify the user via email.

The feature I really want to focus on in this video is breached password detection. What this service does is every time a user logs in, we’ll run their credentials against our database of known leaked credentials and if we find a match, we’ll alert the user and optionally block the login until their password is changed. We update our leaked credentials database daily, and with the recent hacks of large enterprises which leaked hundreds of millions of accounts, it’s likely that your users may not even be aware their accounts were compromised.

Enabling breached password detection can be done with the flip of a switch in the management dashboard. Once we enable the setting, we are given an option to alert the user and block their login attempt until their password is changed. Let’s do that.

To test our application, I’ll attempt to login with an account I know was leaked a few years ago. Putting in the same set of credentials I used on a website that leaked my credentials and attempting to login will produce an error with a message telling me that the login attempt was blocked due to a third party service leaking my credentials and to check my email for further instructions on how to unblock it.

I’ll check my email and follow the link to reset my password. After changing my password, I will be able to login again and gain access like before.

Breached password detection helps enhance the security of your applications by preventing hackers from using publically leaked credentials to gain access to your services.

Traditional username and password authentication still plays a large role in managing modern identity. Enhanced security features like anomaly detection help secure user accounts without hindering the user experience.

Sign up for a free Auth0 account today and give your users a peace of mind when it comes account security.