Skip to main content
All CollectionsTemplatesIntermediate
Okta Exposed Passwords in Failed Login Attempts - Workflow Template
Okta Exposed Passwords in Failed Login Attempts - Workflow Template

Uncover possible exfiltrated credentials in Okta when a user accidentally inputs a password in the email field and is stored as clear text.

Updated over a week ago

This Torq workflow template is designed to strengthen security measures by addressing potential credential leaks in Okta due to user errors during login attempts. Specifically, it triggers upon failed login attempts where the email is a plausible password, suggesting it may have been mistakenly input. The workflow verifies this input, waits for a successful login to associate the device with the user, and provides an option for administrators to reset the password through a Slack interaction. Additionally, it logs a Jira ticket for each action taken and notifies the respective user, ensuring thorough follow-up on the potential security breach.

Trigger

Okta

Use Cases

Identity and Access Management

Workflow Breakdown

  1. Triggers on a Failed Login where the user email is not found.

  2. Verifies the input string is a password candidate.

  3. Waits for a successful Login and correlates previous failures.

  4. Ask Administrator to reset the password of the user, due to the credentials leakage.

  5. Open Jira Ticket with the selected action or errors.

  6. Notifies the user by Slack when the password is reseted.

  7. Notifies the user by Slack of the possible leaked credentials.

Vendors

Slack, Utils, Okta, Jira Cloud, Torq

Workflow Output

Jira Tickets are created noting the chosen actions by the Administrator to remediate the exposure.

Did this answer your question?