Introduction
SuperTokens Bot / Spam detection is a powerful security feature designed to identify and prevent suspicious activities in authentication and user sessions. It leverages various detection methods to enhance the security of your application.
important
This feature is currently in beta and not enabled by default. You can find out how to enable this feature here.
#
Features#
Brute Force Attack DetectionWatches how many times someone tries to do a specific action (such as logging in, resetting password, etc.) within a certain time. If there are too many attempts, it stops them to prevent bad actors from compromising accounts.
#
Password Breach DetectionChecks passwords against a database of leaked passwords to see if they've been leaked before. This helps keep accounts safe by avoiding weak passwords.
#
Impossible Travel DetectionIdentifies potentially fraudulent login attempts by detecting geographically impossible travel between user sessions in a short time.
#
Bot DetectionIdentifies and prevents automated scripts or bots from performing malicious activities such as credential stuffing, account takeover attempts, or scraping sensitive data. It uses advanced algorithms to analyze user behavior, request patterns, and other indicators to distinguish between human users and automated bots.
#
Suspicious IP DetectionDetects suspicious IP addresses that are known for malicious activities. This includes detecting the use of VPNs, TOR, proxy servers, or other network configurations that may be used to hide the user's true location or identity.
#
New Device DetectionRecognizes when a user logs in from a new, previously unseen device. This helps find possible unauthorized logins.
#
Device Count TrackingMonitors the number of unique devices associated with a user account. This helps spot unusual account use.
#
Requester DetectionRecognize and remember devices and requester details, even when they try to disguise themselves. This helps track and identify the same device or requester across multiple login attempts, improving security and user recognition.
#
Flow diagramThe Bot / Spam detection service is typically integrated into your authentication flow. It processes requests and provides risk assessments that you can use to enforce additional security measures, such as requiring two-factor authentication for suspicious logins or blocking high-risk attempts altogether.
By leveraging these advanced detection methods, SuperTokens Bot / Spam detection significantly enhances your application's security posture and helps protect your users from various types of account compromise attempts.
Below is an high level overview of how this works:
#
Recipes integrationDifferent recipes have different ways of integrating with the Bot / Spam detection feature.
#
PasswordlessWhen using the passwordless recipe, the only check should be brute force detection. Other checks are not needed as the passwordless flow by itself prevents bot attacks.
#
Email Password LoginWhen using the email password login recipe, bot detection (and possibly other checks) should be used along with brute force detection.
#
Phone Password LoginWhen using the phone password login recipe, bot detection (and possibly other checks) should be used along with brute force detection.
#
Social/enterprise LoginWhen using these types of recipes, there should be no checks used.