Next Identity: Password Service helps you protect your resources and users from common password issues.
This service is used during authentication and in workflows for creating and changing passwords. It ensures users follow guidelines that are configurable by application and region. We handle the complexities of the backend platform and provide a simple interface to your client applications.
History Check: checks a configurable number of previous password hashes for a user and returns a match status to prevent reuse. See more detail for password history.
Strength Enforcement: rules for password format and strength policies.
Expiration Management: rules for password expiration and associated workflows.
One Time Password (OTP): passwordless authentication with single-use codes. May be used alone or in coordination with our communication service for SMS and email delivery.
Localized and Dynamic Messages: establish and serve translated content for error messages and alerts to users. Messages are built from configuration, as in this password history example, where the configured number of previous passwords is used: “Please choose a password which does not match your previous 5 selections.”
How it works
The service is hosted in AWS and your application may be whitelisted to make a server-to-server API call.
Configurations are available via API, or with assistance. Configuration of service features may be set differently for each application property you’d like to define.
All passwords and personal data are stored in your backend Identity system, which is shielded with additional protections. Your app receives simple decision information which does not contain private data.
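A sketch of the History Check and its configuration-driven message as described above, added here as an illustration; it is not Next Identity's code or API. The function names, the PBKDF2 hashing, the oldest-to-newest history ordering and the `OK`/`REUSED` status values are all assumptions.

```python
from __future__ import annotations
import hashlib
import hmac
import os
from dataclasses import dataclass

ROUNDS = 100_000  # assumed PBKDF2 work factor for this sketch

@dataclass(frozen=True)
class StoredHash:
    salt: bytes
    digest: bytes

def hash_password(password: str, salt: bytes | None = None) -> StoredHash:
    """Derive a salted PBKDF2-HMAC-SHA256 hash (the algorithm is an assumption)."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS)
    return StoredHash(salt, digest)

def check_history(candidate: str, history: list[StoredHash], depth: int) -> dict:
    """Compare the candidate against the `depth` most recent stored hashes.

    `history` is ordered oldest to newest. Each entry has its own salt, so the
    candidate must be re-derived per entry; stored hashes cannot be compared
    to each other or to a single hash of the candidate.
    """
    recent = history[-depth:] if depth > 0 else []
    reused = False
    for entry in recent:
        derived = hash_password(candidate, entry.salt).digest
        # Constant-time compare and no early exit, so timing does not reveal
        # which previous password matched.
        reused |= hmac.compare_digest(derived, entry.digest)
    decision = {"status": "REUSED" if reused else "OK"}
    if reused:
        decision["message"] = (
            "Please choose a password which does not match "
            f"your previous {depth} selections."
        )
    return decision  # decision only: no password, salt or hash is returned

def demo() -> list[dict]:
    # Constructed sample data: seven past passwords, oldest first.
    history = [hash_password(f"Sample-Pass-{i}!") for i in range(1, 8)]
    candidates = ("Sample-Pass-7!", "Sample-Pass-1!", "Brand-New-Pass-9!")
    return [check_history(c, history, depth=5) for c in candidates]
```

With a depth of 5, the oldest of the seven constructed passwords falls outside the window and is accepted, while the most recent one is rejected with the configured message.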