This Torq workflow template is designed to strengthen security measures by addressing potential credential leaks in Okta due to user errors during login attempts. Specifically, it triggers upon failed login attempts where the email is a plausible password, suggesting it may have been mistakenly input. The workflow verifies this input, waits for a successful login to associate the device with the user, and provides an option for administrators to reset the password through a Slack interaction. Additionally, it logs a Jira ticket for each action taken and notifies the respective user, ensuring thorough follow-up on the potential security breach.
Trigger
Okta
Use Cases
Identity and Access Management
Workflow Breakdown
Triggers on a Failed Login where the user email is not found.
Verifies the input string is a password candidate.
Waits for a successful Login and correlates previous failures.
Ask Administrator to reset the password of the user, due to the credentials leakage.
Open Jira Ticket with the selected action or errors.
Notifies the user by Slack when the password is reseted.
Notifies the user by Slack of the possible leaked credentials.
Vendors
Slack, Utils, Okta, Jira Cloud, Torq
Workflow Output
Jira Tickets are created noting the chosen actions by the Administrator to remediate the exposure.