Alpha

Block Account Takeovers Before They Happen

Detect bots, brute force attacks, impossible travel, and other threat signals. Configure which detections block, challenge, or log per tenant.

Join waitlistRead documentation

Threat detection

Protect authentication flows from credential attacks

Auth Guard runs multiple detection checks on every login, signup, and MFA attempt. Detections fire in parallel, and you control the action for each one: block the request, challenge with additional verification, or log for review. Custom allow lists bypass all detections for trusted IPs and devices.

Capabilities

Threat signals analyzed on every auth request

Bot detection

Identify automated scripts, headless browsers, and credential stuffing tools. User-Agent patterns, header ordering, and sub-100ms form submissions contribute to a bot score that triggers when it exceeds your configured threshold.

Brute force protection

Track failed login attempts per device over time. Challenge after 5 failures, block after 10, or configure your own thresholds. Counters reset on successful authentication.

Impossible travel

Calculate the distance between consecutive logins and flag speeds exceeding wide geographical location points. A user cannot log in from New York and Tokyo within 30 minutes.

Signup abuse prevention

Limit signups per email address to prevent free trial abuse. The same email used for signup more than twice triggers detection with configurable actions.

Dormant account reactivation

Alert when accounts inactive for 60+ days suddenly become active. Dormant reactivation can indicate account takeover from compromised credentials.

New device detection

Track known devices per user securely. First-time device access triggers notification or challenge. Devices remain trusted for up to your configured period.

Disposable email blocking

Block signups from thousands of known disposable email domains. Add custom domains to block or allow lists as needed.

Region restrictions

Block or challenge logins from specific countries. Configure allowed and blocked regions so Conjoin Auth Guard automatically resolves user locations from their IP addresses.

Anonymous network detection

Detect logins from VPNs, proxies, TOR exit nodes, and datacenter IPs. Configure which network types to block, challenge, or allow.

New country detection

Track countries each user has logged in from. First login from a previously unseen country triggers notification to the user and optional challenge.

Verification flooding protection

Detect MFA prompt bombing attacks where attackers spam verification requests hoping for accidental approval. Block after 3 unanswered prompts within 5 minutes.

Concurrent session conflict

Flag active sessions from geographically impossible locations. Two sessions in different countries at the same time indicates credential compromise.

< 50ms
Detection latency

All checks run in parallel

12+
Threat signals

With dozens of detection checks

Per-tenant
Configuration

Custom rules and thresholds

Why it matters

Block attacks before they reach your users

Block credential stuffing attacks with configurable thresholds

Attackers use lists of stolen credentials to attempt logins across your user base. Conjoin Auth Guard tracks failures per device fingerprint and applies progressive responses. You configure when to challenge and when to block.
In practice

An attacker runs through 1,000 email and password combinations from a leaked database. After 5 failures from the same device fingerprint, Guard requires email verification. After 10 failures, Guard blocks the device entirely. Your legitimate users see no friction.

Detect account takeovers from location anomalies

Stolen credentials often get used from unexpected locations. Conjoin Auth Guard compares login locations against user history and physical travel constraints. Impossible travel and new country detections catch logins that do not match user patterns.
In practice

A user logs in from Berlin at 9:00 AM. At 9:15 AM, someone attempts to log in with the same credentials from Singapore. Guard calculates the required travel speed of 28,000 km/h, flags impossible travel, and blocks the attempt. The user receives a notification about the blocked login.

Block trial abuse without manual review

Free trial abusers create multiple accounts with the same email or disposable email addresses. Conjoin Auth Guard tracks signup history per email hash and blocks disposable domains. You set the maximum signups per email.
In practice

A user signs up for a free trial, uses it, and tries to sign up again with the same email. Guard detects the previous signup and blocks the attempt. The user tries a disposable email address next. Guard matches it against thousands of known disposable domains and blocks that too.

Built for Your Workflow

Ship faster with solutions designed for real-world needs

Challenge

Bots attempt thousands of logins per hour against your auth endpoints

How Conjoin solves this

Conjoin Auth Guard analyzes request headers, User-Agent patterns, and timing to score each request. Headless browsers, automation frameworks, and known bot signatures contribute to the score. Requests exceeding your threshold get blocked before reaching your database.

Impact

Block automated attacks without CAPTCHAs that degrade the experience for legitimate users.

Challenge

Users report their accounts being accessed from locations they have never visited

How Conjoin solves this

Conjoin Auth Guard tracks the last login location for each user and calculates travel speed between consecutive logins. Speeds exceeding physical limits trigger the impossible travel detection. New country detection fires when users log in from countries not in their history.

Impact

Catch account takeovers in progress and notify users before attackers cause damage.

Challenge

MFA prompt bombing attacks lead to accidental approvals

How Conjoin solves this

Conjoin Auth Guard counts MFA verification requests per user over time. Excessive prompts without successful verification indicate an attacker spamming the user with approval requests. Conjoin Auth Guard blocks further prompts and alerts the user.

Impact

Protect users from MFA fatigue attacks that bypass second-factor security.

Challenge

Configuring detection thresholds requires code deployments

How Conjoin solves this

Configure detections from the Conjoin Console or through the API. Set per-detection actions to block, challenge, or log. Adjust thresholds for brute force attempts, inactivity periods, and bot scores. Add IPs, devices, or users to custom allow lists that bypass all detections.

Impact

Security teams tune detection rules without engineering involvement.

Ship your application today

Start building with Conjoin today. Free tier includes everything you need to prototype and launch. Scale when you're ready.

Start BuildingRead Documentation