Skip to content
At Snowflake
NOV 18, 2024|1 min read

Snowflake Will Automatically Disable Leaked Passwords Detected on the Dark Web

Photo illustration of a woman wearing glasses with code superimposed around her and the BUILD 2024 icon on a blue bar at the bottom

Security has been an integral part of Snowflake’s platform since the company was founded. Through the security capabilities of Snowflake Horizon Catalog, we empower security admins and CISO’s to better protect their environments. As part of our continued efforts to help customers secure their accounts, and in line with our pledge to align with CISA’s Secure By Design principles, we are announcing the general availability of Snowflake Leaked Password Protection (LPP). This capability monitors and blocks passwords that have been discovered on the dark web. LPP provides a defense-in-depth mechanism that helps prevent unauthorized access to Snowflake accounts. 

LPP leverages data feeds on reported leaked passwords from industry-leading threat-intelligence providers. Snowflake then securely verifies whether the leaked password is still valid for the identified user. Our LPP system validates passwords for all users (human or service) in a privacy-preserving manner. Passwords are only handled in the memory of our automated systems and at no point do they persist at rest in cleartext, nor are they visible to any Snowflake employees.

Once a leaked password is confirmed to still be valid, LPP automatically disables the password for that user. The user will then need to contact their account administrator to get a reset password link which requires them to change their password on next sign-in, which will then be subject to the effective password policies on that account. We strongly recommend that admins turn on multi-factor authentication (MFA) (if the user is not a service user) and network policies immediately. LPP keeps the user and relevant administrators informed, via email, about any actions taken. 

While we continue to believe that MFA is the best protection for user accounts and we will continue to default to MFA for human users, LPP is an additional step toward helping our customers better secure their accounts by default. 

To learn more about how we are making the Snowflake platform more secure and the role of Snowflake Horizon Catalog, watch the BUILD 2024 “What’s New” session on demand.

 

Woman using computer
Virtual Hands-On Lab

Unify Your Governance Strategy with Snowflake Horizon Catalog

Join Snowflake experts as they walk you through how to classify and apply granular policies to sensitive data, monitor data quality, and discover data, apps and more using Snowflake Horizon Catalog.
Share Article

RelatedContent

Snowflake Expands Supported MFA Methods and Makes Them Available by Default Everywhere

Snowflake expands MFA options with authenticator apps and passkeys, making MFA available by default on Snowsight password sign-ins to strengthen security.

Snowflake Strengthens Security with Default Multi-Factor Authentication and Stronger Password Policies

MFA will be enforced for all human users in any Snowflake account created in October 2024. Learn how to prepare for the upcoming changes.

How Dropbox Implemented a Modern SIEM with Snowflake and Panther

With security teams today facing a lot of challenges, being able to rely on a company like Snowflake is imperative. Here’s how the Dropbox team has been getting it done.

What’s New in Security: Proactive Security for Data and AI, Enterprise-Grade Defense In Depth and More

Explore Snowflake's latest security innovations, including MFA, malicious IP protection and private connectivity, designed to build a trusted AI Data Cloud.

Snowflake Horizon: Leading Governance & Data Discovery

Snowflake Horizon enhances data governance with robust compliance, security, and privacy features, enabling efficient discovery and collaboration.

Snowflake Advances Cybersecurity Excellence by Joining CISA Secure by Design Pledge

Snowflake is proud to join the CISA Secure By Design Pledge, reinforcing our commitment to cybersecurity excellence.

Simplifying Data Architecture and Security to Accelerate Value

Snowflake simplifies data architecture and enhances security, enabling organizations to accelerate value with streamlined, secure, and scalable solutions.

Snowflake Ransomware Guardrails

Explore how Snowflake helps protect against ransomware with layered prevention, detection and recovery measures — both built-in and customer-managed.

SOX Compliance Automation with Snowflake

Snowflake provides efficiency and confidence in risk management by automating SOX compliance and monitoring internal controls through data-driven analytics.

Subscribe to our blog newsletter

Get the best, coolest and latest delivered to your inbox each week

Where Data Does More

  • 30-day free trial
  • No credit card required
  • Cancel anytime 
start for free
watch a demo