Atera and Auth0 bring you a comprehensive security solution that prioritizes your online safety. Additionally, you can enjoy the convenience of hassle-free biometric scanning for a personalized and secure login experience.
- Bot Detection: Reduces scripted attacks by determining whether a bot generated a request. When a bot is believed to be behind a request, a challenge-response authentication (CAPTCHA) will be presented.
- Breached Password Detection: Auth0 monitors large security breaches on third-party websites for leaked passwords and notifies and/or blocks users from logging in if their credentials are suspected to be part of a published security breach.
- Brute-force Protection: Brute-force protection guards you from malicious attempts to gain access to your user account from a single IP address.
- Risk Assessment: Safeguard accounts from unauthorized access by evaluating critical login parameters and blocking logins that meet suspicious conditions.
For more information, see Auth0's Attack Protection
Bot detection is a security feature that mitigates automated attacks on your Atera account by scanning for suspicious login attempts from bots and scripts — acting as a security guard for your Atera account — checking for unusual login patterns that might indicate a robot or script trying to break in.
In the event of a possible attack, it adds an extra CAPTCHA step to your Atera login process. Simply copy the characters that appear, and continue the login process as normal.
Breached Password Detection
Breached password detection ensures that your login credentials remain secure. Auth0 tracks large security breaches on third-party sites to ensure that the login details you use for Atera haven't been compromised in any breach.
If it detects that your Atera credentials are part of a breach elsewhere, it will:
- Block login attempts until you change your password.
- Send you an email alert.
Brute-force protection safeguards against a single IP address attacking a single user account. When the same IP address tries and fails multiple times to log in as the same user, it will:
- Send you an email
- Block the suspicious IP address from logging in
If an IP address is blocked due to brute-force protection, it remains blocked until you click the 'Unblock' link in the email notification you receive.
Note: If you have an email security bot mechanism in place that checks links before it gets to your inbox, then you won't receive the 'Unblock' notification. Rather, the mechanism will have already unblocked the account and you'll receive a message with a one-time-use link to log in to your account.
Risk assessment determines a confidence level for logins based on factors like IP address, location, device information, etc. Integrating this layer enhances Atera's security, thwarting suspicious access.
If a login meets predefined conditions:
1. The attempt is blocked, displaying an error message.
Note: Risk assessment blocks the login attempt, not the user. If you encounter this message mistakenly, please return to the login page and try again, or contact your admin for assistance.
2. All account admins receive a suspicious login attempt email alert, containing the username, IP address, and location.
Set up biometric login
You can log in to Atera with biometric login — using facial recognition (Face ID) and fingerprint scanning (Touch ID) — for a faster and more secure login experience. When logging in, you'll be prompted to set up Auth0's quick and secure biometric login. We recommend setting this up.
- Biometric login is available on supported devices only and cannot be enabled on multiple devices of the same type (e.g., two Windows devices or two Mac devices).
- You'll stay logged in for one week. However, if there is no activity in your account, a new login will be required after 72 hours.
To set up biometric login:
1. Log in with your email and password.
2. Click Continue.
Note: If this is the first time logging in with Auth0, you will be asked to verify your identity with your 2FA code. Enter it and click Continue.
3. Click Continue to use your device's fingerprint or facial recognition on subsequent logins.
4. Verify your identity via fingerprint or facial recognition.
5. Name your device (this alias will help you identify this device from any others you may have).
That's it! The device has been added. From now on, you can verify your identity using fingerprint or facial recognition.
Login or browser issues
Follow these steps to clear the local storage, session storage, and cookies:
1. Open DevTools (right-click anywhere on the Atera page and click Inspect).
2. In the top menu bar, navigate to Application (you may have to click the chevron icon to see it).
3. Navigate to Storage and double-click on Local Storage, Session Storage, and Cookies to open them.
4. Right-click any URL starting with "auth.atera" and click clear.
If your account has more than 1 technician license, you can reset the 2FA by yourself. Otherwise, please contact support.
1. From Admin, click Two-Factor Authentication (2FA).
2. Click Reset next to the technician/admin whose 2FA you'd like to reset. Then confirm.
When you next log in to Atera, you will be prompted with a new QR code as well as a 24-character recovery code. Copy and save the recovery code. Keep it secret. Keep it safe.
For more information on resetting your 2FA, see Two-Factor Authentication (2FA)
Frozen splash screen
If the mobile app opens to a frozen screen, with no options available, please locate the Atera app in your mobile device's storage and clear the storage and cache.
Let us know if we can help should you experience any other issues related to logging in or out of the Atera app.