Credential Guard detects breached passwords to prevent takeovers

Shiv Ramji, Chief Product Officer at Auth0

Auth0, a product unit of Okta has launched Credential Guard, a new security feature that helps firms prevent account takeover attacks by detecting and resetting stolen passwords faster.

Credential Guard upgrades Auth0’s existing breached password detection with a dedicated security team and facilitates offering support with more than thirty five languages and more than two hundred countries and territories in order to reduce breach detection time.

Auth0’s Credential Guard offers dedicated security

Credential Guard facilitates offering application builders with the needed tools to secure their apps and protect their users from bad actors logging in with stolen credentials.

Auth0’s breach detection enables firms to automatically screen for stolen passwords and alert the user, prompt for more verification, or block access via a password reset.

Credential Guard adds even more visibility and speed with a dedicated security team that infiltrates criminal communities to gain access to otherwise unavailable breach data.

Auth0 conducted an internal test on 100,000 random usernames, and found that the ability to detect breached passwords (breach detection efficacy) increased by a minimum of 250% when using Credential Guard compared to an automated detection solution alone.

Shiv Ramji, Chief Product Officer at Auth0 said, “The goal with Credential Guard is to help firms detect breaches as soon as they happen to reduce the risk to the business and users.”

“Traditional web scanners and scrapers rely on breach data being made public, which can be months or even years after the initial breach. Credential Guard enables security teams to shrink that gap, and better protect their customers’ digital identities on a global scale.”

Auth0’s Credential Guard protects users during login

Account takeover attacks with stolen credentials, targeting everything from sensitive healthcare data to loyalty points, are one of the most common and costly cyber threats.

Verizon’s 2021 Data Breach Investigations Report (DBIR) found that 89% of web application breaches involve some sort of credential abuse like use of stolen credentials.

Reusing passwords across different websites and platforms increases the risk of an attack and makes it more difficult for organisations to prevent fraudulent access to user accounts.

With Credential Guard, firms can secure their apps and protect their users during the login process by detecting and resetting exposed passwords before they fall into the wrong hands.