tldr - powered by Generative AI

Okta warns of credential stuffing attacks targeting Customer Identity Cloud and recommends actions to mitigate the risks.
  • Review tenant logs for signs of unexpected login events like fcoa, scoa, and pwd_leak
  • Rotate credentials and restrict/disable cross-origin authentication for tenants
  • Enable breached password detection or Credential Guard
  • Prohibit weak passwords and enroll users in passwordless, phishing resistant authentication using new standards like passkeys
Credential stuffing
identity management

Post a comment

Related articles