Compromised Credentials
Starting September 16, 2024, passwords used for authentication on Invantive Cloud are checked against data from public leaks of user names and passwords.
Access to Invantive Cloud is blocked in case a password has been set on Invantive Cloud that is also used elsewhere and leaked.
This improves the security on the data contained in your databases. However, no guarantees are made that all leaked user names and passwords will be detected, nor that the check will automatically detect such cases.
In case you experience any security problems, please reach out to Invantive through the dedicated phone number for security purposes: +31880026598.
Risk-weighted Emails on Sign-in
Additionally, users may even receive an email when the correct credentials are provided but a risk weighted approach indicates that it is wise to inform the user of the login.
Depending on the outcome of the risk model the log in will be accepted or even blocked. An accompanying email will include a timestamp in UTC; please remember to compensate for your local timezone! The details of the risk model will not be made available for security reasons.
An email will be sent when the risk is considered to be sufficient to communicate the log in to the user by the email channel:
New sign-in attempt on Invantive Cloud
An unrecognized sign-in to your Invantive Cloud account john.doe@acme.com was observed:
Time: 11:11:11 UTC
Device: Device
IP address: 8.8.8.8
Location: Amsterdam, the NetherlandsIf this sign-in was not by you or on behalf of you (such as by powerbi.com), you should change your password and notify us by clicking on LINK.
If this sign-in was by you or on behalf of you (such as by powerbi.com), you can follow LINK to let us know. This will improve the detection algorithm.
If you experience any further difficulties, please call Invantive Security on +31 88 00 26 598.
Regards,
Invantive Support
When the risk is considered high, the log in will be blocked and an email will be sent:
Blocked sign-in attempt on Invantive Cloud
An unrecognized sign-in to your Invantive Cloud account was blocked:
Time: 11:11:11 UTC
Device: Device
IP address: 8.8.8.8
Location: Amsterdam, the NetherlandsIf this sign-in was not by you or on behalf of you (such as by powerbi.com), you should change your password and notify us by clicking on LINK.
If this sign-in was by you or on behalf of you (such as by powerbi.com), you can follow LINK to let us know.If you experience any further difficulties, please call Invantive Security on +31 88 00 26 598.
Regards,
Invantive Support
It is recommended to follow the links in the emails to reduce the likelihood of irrelevant notifications.
All links either point to login.invantive.com or to eu-west-1.awstrack.me.