Security Update - Enhanced Authentication
· 2 min read
We have successfully deployed enhanced authentication security measures across all Cyberhaven services to strengthen account protection.
Security Enhancement Details
Deployment Date: January 22, 2025
Completion Time: 14:30 UTC
Severity: High
Status: ✅ Completed Successfully
What Changed
We have implemented the following security improvements:
Enhanced Multi-Factor Authentication (MFA)
- Support for hardware security keys (FIDO2/WebAuthn)
- Improved backup code generation
- Enhanced mobile app authentication
Session Management
- Reduced session timeout for inactive users
- Improved session invalidation on password changes
- Enhanced concurrent session monitoring
API Security
- Updated API token encryption standards
- Improved rate limiting algorithms
- Enhanced audit logging for API access
Impact on Users
Immediate Changes
- No action required for most users
- Existing sessions remain valid
- Current MFA settings are preserved
Recommended Actions
- Review your MFA settings in your account preferences
- Consider upgrading to hardware security keys for enhanced protection
- Update saved passwords in your password manager if needed
- Review active sessions and terminate any unrecognized sessions
New Features Available
Hardware Security Key Support
You can now use hardware security keys (YubiKey, Google Titan, etc.) for authentication:
- Go to Account Settings → Security
- Click Add Security Key
- Follow the setup wizard
Enhanced Audit Logs
Administrators now have access to:
- Detailed authentication logs
- Failed login attempt tracking
- Session activity monitoring
- API access patterns
Technical Details
For technical teams and integrators:
API Changes
- No breaking changes to existing API endpoints
- New optional headers for enhanced security
- Improved error responses for authentication failures
SDK Updates
- Updated SDKs will be released next week
- Backward compatibility maintained
- New security features available in v2.1+
Compliance Updates
This update enhances our compliance with:
- SOC 2 Type II requirements
- ISO 27001 standards
- GDPR data protection regulations
- CCPA privacy requirements
Support and Resources
Documentation
Need Help?
- Support Portal: support.cyberhaven.com
- Email: security@cyberhaven.com
- Emergency Security Issues: Call +1-800-CYBER-SEC
Timeline
- January 20, 14:00 UTC: Deployment began
- January 20, 16:30 UTC: Core authentication services updated
- January 22, 12:00 UTC: API security enhancements deployed
- January 22, 14:30 UTC: All updates completed and verified
Thank you for your continued trust in Cyberhaven's security measures.
This notification will remain pinned for 7 days. Subscribe to our security notifications to stay informed about future updates.