Posted On: Jun 14, 2018

Amazon Cognito's new advanced security features for risk-based adaptive authentication and compromised credentials protection are now generally available to secure user accounts across your web and mobile apps.

When Amazon Cognito detects unusual sign-in activity, such as sign-in attempts from new locations and devices, it assigns a risk score to the activity and lets you choose to either prompt users for additional verification or block the sign-in request. Your users can be notified of suspicious sign in attempts and prompted to secure their accounts. You can also view a history of sign in attempts and their risk scores.

With compromised credential protection, Amazon Cognito detects when users enter credentials that have been exposed elsewhere. If users attempt to use compromised credentials, Amazon Cognito prompts them to choose another password.

The advanced security features are now available in all AWS regions with Amazon Cognito User Pools, including Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Europe (London), Europe (Frankfurt), Europe (Ireland), US West (Oregon), US East (Northern Virginia) and US East (Ohio).

To learn more, see the Amazon Cognito Developer Guide.