Breached credentials detection
Not authorized for Okta for Government Moderate
This feature helps you detect and remediate credential breaches in your Okta environment.
Okta monitors third-party lists of public data breaches for username-password combinations in your org. If a user's credentials appear in a list, Okta expires the password according to the password policy configuration and ends all of their related Okta sessions. Okta records the security.breached_credential.detected event in the System Log, and the user is required to reset their password the next time they attempt to sign in.
This feature was previously called breached password detection.
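As an added example (not from Okta's documentation), the Python below reads exported System Log events and lists users for whom security.breached_credential.detected was recorded with no later password change. The sample events are constructed, and two things are assumptions: that the affected user appears as a User target (or, failing that, as the actor), and that user.account.update_password and user.account.reset_password are the event types that indicate a completed reset.

```python
import json
from datetime import datetime

BREACH_EVENT = "security.breached_credential.detected"  # event type named on this page
# Assumption: these System Log event types mark a completed password change or reset.
RESET_EVENTS = {"user.account.update_password", "user.account.reset_password"}

# Constructed sample events (not real data), shaped like exported System Log entries.
SAMPLE_LOG = json.loads("""[
 {"published":"2024-05-01T08:00:00.000Z","eventType":"user.account.reset_password","actor":{"type":"User","alternateId":"admin@example.com"},"target":[{"type":"User","alternateId":"alice@example.com"}]},
 {"published":"2024-05-02T10:00:00.000Z","eventType":"security.breached_credential.detected","actor":{"type":"SystemPrincipal","alternateId":"system@okta.com"},"target":[{"type":"User","alternateId":"alice@example.com"}]},
 {"published":"2024-05-02T10:05:00.000Z","eventType":"security.breached_credential.detected","actor":{"type":"SystemPrincipal","alternateId":"system@okta.com"},"target":[{"type":"User","alternateId":"bob@example.com"}]},
 {"published":"2024-05-03T09:00:00.000Z","eventType":"user.account.update_password","actor":{"type":"User","alternateId":"bob@example.com"},"target":[{"type":"User","alternateId":"bob@example.com"}]},
 {"published":"2024-05-03T09:30:00.000Z","eventType":"user.session.start","actor":{"type":"User","alternateId":"carol@example.com"},"target":[]}
]""")

def event_time(event):
    """Parse the ISO 8601 'published' timestamp; the trailing Z is rewritten as +00:00."""
    return datetime.fromisoformat(event["published"].replace("Z", "+00:00"))

def affected_users(event):
    """Assumption: the affected user is a target of type User; fall back to the actor."""
    users = [t["alternateId"] for t in event.get("target") or [] if t.get("type") == "User"]
    actor = event.get("actor") or {}
    if not users and actor.get("type") == "User":
        users = [actor["alternateId"]]
    return users

def pending_resets(events):
    """Return {user: detection time} for users flagged as breached with no later reset."""
    pending = {}
    for ev in sorted(events, key=event_time):  # replay in time order
        for user in affected_users(ev):
            if ev["eventType"] == BREACH_EVENT:
                pending[user] = event_time(ev)   # a later detection re-opens the case
            elif ev["eventType"] in RESET_EVENTS:
                pending.pop(user, None)          # a reset before detection clears nothing
    return pending

if __name__ == "__main__":
    for user, when in pending_resets(SAMPLE_LOG).items():
        print(f"{user}: breached credentials detected {when.isoformat()}, no reset yet")
```

Users still listed have an expired password and ended sessions but have not yet signed in to reset, which makes the output a reasonable follow-up queue for a help desk or security operations center.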
Breached credentials protection in password policies
Early Access release. See Enable self-service features. Not authorized for Okta for Government Moderate.
Breached credentials protection lets you customize the Okta response when credentials are exposed in a public data breach.
The password authenticator is active by default for Okta users. Its policy controls password requirements like complexity, age, minimum length, and lockout settings. With password security settings, you can expire the password early or perform custom actions through Okta Workflows, like notifying users of the breach or creating a ticket for your security operations center.
After configuring the feature, you can test your settings with Okta-generated sample credentials.
Topics
Configure breached credentials protection