Okta introduces Auth0 Credential Guard, a suite of development tools to secure user access to applications.
Auth0 Credential Guard is fitted for any application that works with user accounts. Whenever a user logs in or creates an account, the solution checks if the provided password has been leaked.
Auth0 Credential Guard maintains a global record of leaked passwords through multiple data sources, including web scrapers. Web scrapers scan the web for leaked passwords in data breaches. For years, they’ve allowed developers and organizations to notify their users of password leaks. Auth0 Credential Guard takes things a step further.
If a password turns out to be leaked, the solution can respond in several ways. For example, users with leaked passwords can be required to answer an extra security question upon their next login. Configuring Auth0 Credential Guard to force a password change works just as well.
Quality design
The solution reminds us of a recent statement by Roel van Rijsewijk, Director of Cyber Defense at Thales. “Don’t make cybersecurity the problem of end users”, he advised in an interview with Techzine. Auth0 Credential Guard is a textbook example of how to do just that. By solely adjusting the login process for users with leaked passwords, users with secure passwords are never disrupted by measures that were never meant for them.
Auth0 Credential Guard is available to customers of Auth0, a broad software suite for login security and access management.