Account takeover prevention

Account takeover is someone signing in with credentials that aren't theirs: bought from a breach, phished, or stuffed from a leak.

Step 1: Set up login and signup protection

Before anything else, set up Signup protection and, above all, Login protection. Account takeover is a login threat, so Login protection is the foundation this guide builds on; without it the policy below can be bypassed. With those in place, the rest of this guide covers the policy that catches stolen sign-ins.

Step 2: Add the policies

A policy has a trigger (the event it runs on) and a verdict. Add these in your policies dashboard:

| Policy | Trigger | Conditions | Verdict |
|---|---|---|---|
| Challenge unfamiliar logins | login | impossible_travel, or is_new_fingerprint and is_new_ip, or ip_is_vpn | Challenge |

This is a simple and solid policy: it verifies the user's identity via 2FA whenever anything about the login is unfamiliar, and it should take care of the vast majority of account-takeover cases.
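As an added worked example (not the product's own code), here is the policy's condition evaluated in Python over constructed login events. The page does not say how impossible_travel, is_new_fingerprint and is_new_ip are computed, so the per-account history, the great-circle speed threshold, and ip_is_vpn being supplied by an external IP lookup are assumptions.

```python
import math
from dataclasses import dataclass, field

MAX_KMH = 1000.0  # assumed threshold: faster than airline travel between two logins

@dataclass
class Login:
    ts: float               # unix seconds
    ip: str
    fingerprint: str        # device/browser fingerprint id
    lat: float
    lon: float              # approximate geolocation of the IP
    ip_is_vpn: bool = False  # assumed to come from an external IP lookup

@dataclass
class Account:
    known_ips: set = field(default_factory=set)
    known_fps: set = field(default_factory=set)
    last: "Login | None" = None  # most recent trusted login

def haversine_km(a: Login, b: Login) -> float:
    """Great-circle distance between two logins' geolocations."""
    p1, p2 = math.radians(a.lat), math.radians(b.lat)
    dphi, dlam = p2 - p1, math.radians(b.lon - a.lon)
    h = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlam / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(min(1.0, h)))

def signals(acct: Account, login: Login) -> dict:
    """Derive the four conditions the policy uses from the account's trusted history."""
    impossible = False
    if acct.last is not None:
        hours = max((login.ts - acct.last.ts) / 3600.0, 1e-6)
        impossible = haversine_km(acct.last, login) / hours > MAX_KMH
    return {"impossible_travel": impossible, "ip_is_vpn": login.ip_is_vpn,
            "is_new_fingerprint": login.fingerprint not in acct.known_fps,
            "is_new_ip": login.ip not in acct.known_ips}

def evaluate(acct: Account, login: Login) -> "str | None":
    """Return "Challenge" when the page's condition matches, else None (no policy matched)."""
    s = signals(acct, login)
    if s["impossible_travel"] or (s["is_new_fingerprint"] and s["is_new_ip"]) or s["ip_is_vpn"]:
        return "Challenge"
    return None

def record(acct: Account, login: Login) -> None:
    """Call after an allowed login or a passed challenge, so history holds trusted logins only."""
    acct.known_ips.add(login.ip)
    acct.known_fps.add(login.fingerprint)
    acct.last = login
```

A login that is challenged is not recorded until the challenge is passed, so a stolen-credential attempt from a new device and IP cannot "teach" the account its own fingerprint.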