Enhanced Token Theft Protection

1 min. readlast update: 11.08.2024

To further protect against token theft, ThreatLocker has introduced the option to 'Enable Enhanced Token Theft Protection'. This toggle is located at the bottom left of the login page and becomes visible once a username is entered. When activated, the user session authentication token will be linked to the user's IP address. If the token is used from an IP address that is different from the one originally detected, the session will be automatically terminated. 

This option is enabled by default but can be toggled off if desired.

Please Note: If a user has an active session in the ThreatLocker portal with Enhanced Token Theft Protection enabled and their IP address changes (such as switching from WiFi to a wired connection), the user session will be terminated, and the user will need to log in again.

 

Was this article helpful?