Last updated: Jan 13, 2022

Integration detail

Overview

CredVerify is a threat intelligence platform that aggregates, processes, and stores billions of credentials recovered from data breaches. CredVerify for Okta checks for leaked credentials through restful API services using the k-anonymity protection model. If a username and password is found to match credentials discovered in previous data breaches or the dark web, authentication will be interrupted, and the user will be sent to identity verification and a password reset flows. The solution was built with privacy and security by design, making the data usable only within the intended context.

Enabling VeriClouds CredVerify:

Automates the detection of unauthorized login attempts and integrates with real-time policy enforcement measures
Significantly minimizes the threat from the number one cause of data breaches - a weak or stolen password
Reduces the likelihood of an account takeover or credential stuffing attack from being successful

The Solution

VeriClouds CredVerify APIs work with Okta's cloud-based authentication service to block account takeover and credential stuffing attacks that rely on compromised, stolen, or weak credentials. CredVerify checks incoming credentials against its data repository of compromised credentials and allows users to be authenticated only after verification that their credentials have not been compromised.

Vericlounds Graphic Large 0

CredVerify can be consumed as a service in the VeriClouds cloud, or it can be deployed in a customer’s cloud environment with just a few lines of code. VeriClouds CredVerify integrated with Okta’s world-class authentication services minimizes the threat of account takeover attacks and helps stop preventable breaches when users' credentials have been compromised.