Customer Identity Cloud
Breached Passwords
Keep credentials in the right hands
Use Breached Password Detection to screen compromised passwords and reduce the risk of data breaches with Okta Customer Identity Cloud, powered by Auth0.
Third-party breaches affect everybody
Sensitive data breaches are an everyday reality. Yet traditional methods of recovery only work when the breach is made public. This can take months, leaving you and your users at risk. We help you avoid that risk and get ahead of breaches.
How it works
Our platform helps eliminate the costs associated with account takeovers and gives your users peace of mind when interacting with your brand.
Protect
We alert you and your users when their login credentials are detected in any known third-party breaches.
Prevent
Block breached accounts until users change their passwords and add MFA, improving overall security.
Personalise
You can customise the style and content of any breach warning email that gets sent to your users.
Take protection even further with Credential Guard
Explore enhanced detection methods, using the world’s largest database of breach assets, for enterprise-scale account takeover (ATO) prevention.
Improve account protection in 200 countries and territories by alerting users and blocking access attempts using compromised credentials.
Secure application login by detecting ATO risks as soon as breaches happen and resetting stolen passwords immediately.
Our dedicated security experts uncover stolen data not accessible to scanners/scrapers, saving you months — even years — of delay.
Breached Password DetectionKeep users safe from account hackers using stolen passwords from published security breaches. | Credential Guard
Protect high value accounts from takeover attempts by detecting and resetting stolen passwords as soon as possible based on data received from the dark web. | |
|---|---|---|
Plans included | B2B / B2C Professional and Enterprise | Part of Attack Protection add-on in Enterprise plan |
Data collection method | Web scanners and scrapers search for user credentials in published security breaches | Dedicated security team to infiltrate criminal communities and gain access to breach data that isn’t available otherwise |
Typical detection time | Up to 7 - 13 months | 12 - 36 hours |
Recommended use | Self-service accounts, testing scenarios | Enterprise, production environments, high-value accounts |
Coverage | English only | 200+ countries and territories |
Keep users safe from account hackers using stolen passwords from published security breaches.
Plans included
B2B / B2C Professional and Enterprise
Data collection method
Web scanners and scrapers search for user credentials in published security breaches
Typical detection time
Up to 7 - 13 months
Recommended use
Self-service accounts, testing scenarios
Coverage
English only