Auth0 Credential Guard prevents fraudulent access with stolen credentials
Auth0 released Credential Guard, a new security feature that helps enterprises prevent account takeover attacks by detecting and resetting stolen passwords faster.
Credential Guard upgrades Auth0’s existing breached password detection with a dedicated security team, and support for more than 35 languages and 200+ countries and territories to reduce breach detection time.
Credential Guard gives application builders the tools to secure their apps and protect their users from bad actors logging in with stolen credentials. Auth0’s breached password detection enables organizations to automatically screen for stolen passwords, and alert the user, prompt for additional verification, or block access by forcing a password reset. Credential Guard adds even more visibility and speed with a dedicated security team that infiltrates criminal communities to gain access to otherwise unavailable breach data.
Auth0’s security team conducted an internal test on 100,000 random usernames, and found that the ability to detect breached passwords (breach detection efficacy) increased by a minimum of 250% when using Credential Guard compared to an automated detection solution alone.
“The goal with Credential Guard is to help organizations detect breaches as soon as they happen, to reduce the risk to the business and its users,” said Shiv Ramji, Chief Product Officer at Auth0. “Traditional web scanners and scrapers rely on breach data being made public, which can be months or even years after the initial breach. Credential Guard enables security teams to shrink that gap, and better protect their customers’ digital identities on a global scale.”
Account takeover attacks with stolen credentials, targeting everything from sensitive healthcare data to loyalty points, are one of the most common and costly cyber threats. Verizon’s 2021 Data Breach Investigations Report (DBIR) found that 89% of web application breaches involve some sort of credential abuse (use of stolen credentials or brute force).
Reusing passwords across sites increases the risk of an attack and makes it more difficult for organizations to prevent fraudulent access to user accounts. With Credential Guard, organizations can secure their apps and protect their users during the login process by detecting and resetting exposed passwords before they fall into the wrong hands.
Credential Guard is available as an Enterprise Add-on for existing Auth0 customers.