SSO Dashboard alerts dismissable by attacker

(Gene Wood) #1

I wanted to share an email I got from one of our users. It calls out a question I’ve had before and figured it was a good motivation to bring it up in this forum.

Jessica writes

I just received two “High risk” alerts upon logging into the the SSO dashboard b/c I’m traveling in Europe. I think that if someone was able to log into my account, they’d be able to say “sure, this is fine” on these alerts; it wouldn’t necessarily be me who sees them first? I dunno what the use case is for that. I happen to be logging in so SSO Dashboard b/c I need to get to CASA and it’s the easiest way for me to find the URL. I go through the main SSO dashboard maaaaybe once/month.

So the question is, why do we surface geo alerts in the SSO dashboard alert UI when that UI is accessible by the theoretical attacker, enabling the attacker to dismiss the alerts before the actual user sees them?