# Authentication & Access Monitors

Sprinto provides a comprehensive set of monitors to ensure your organisation enforces strong authentication and access control measures. These checks help validate that user identities are secured, access is tightly governed, and critical systems are protected against unauthorised entry.

This section covers monitors related to:

* Multi-Factor Authentication (MFA)
* Login protection mechanisms
* Auto account lockout
* Inactive user cleanup
* Access rules on critical systems

***

### Monitored Controls

#### Multi-Factor Authentication (MFA)

Sprinto verifies that MFA is enabled for users across all critical systems and cloud platforms. This includes checks for:

| Platform | Monitored Item |
| --- | --- |
| AWS | Root and IAM user MFA setup |
| GitHub | Individual and org-level MFA enforcement |
| Bitbucket | Personal and team MFA |
| Office365 / Azure | Conditional access with MFA enforcement |
| Google Workspace | Enforced MFA for all users |
| Okta | 2FA / MFA policy enabled |

**Monitor Actions**

* Integration-based auto check (where supported)
* Step-by-step remediation guides for enabling MFA
* Manual evidence upload if integration is not feasible

***

#### Login Protection & Lockout

Sprinto validates whether systems enforce secure login protection methods, including:

* Brute-force attack prevention
* Auto account lockout after failed attempts
* Password policy enforcement (length, complexity, expiry)

These monitors help detect vulnerabilities in authentication workflows and enforce corrective action.

***

#### Inactive User Cleanup

Inactive user credentials are a common attack vector. Sprinto includes monitors that:

* Identify stale users on AWS, Azure, and other platforms
* Check for users with active access but no recent activity
* Recommend disabling or removing unused accounts
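
One way to run the AWS MFA and inactive-user checks described above against an IAM credential report, as an added example (not Sprinto's own code or method). The sample report and date are constructed, and the 90-day threshold and the `no-mfa` / `stale` labels are assumptions.

```python
import csv
import io
from datetime import datetime, timedelta

STALE_AFTER = timedelta(days=90)  # assumed inactivity threshold, not from the page
SAMPLE_NOW = datetime.fromisoformat("2024-06-01T00:00:00+00:00")  # constructed "today"

# Constructed sample: a subset of the columns in an AWS IAM credential report.
SAMPLE_REPORT = """\
user,password_enabled,password_last_used,mfa_active,access_key_1_active,access_key_1_last_used_date
<root_account>,not_supported,2024-05-30T08:00:00+00:00,false,false,N/A
alice,true,2024-05-28T09:15:00+00:00,true,false,N/A
bob,true,2023-11-02T10:00:00+00:00,false,true,2023-12-01T12:00:00+00:00
ci-deploy,false,N/A,false,true,2024-05-31T23:00:00+00:00
carol,true,no_information,true,false,N/A
"""


def _parse(ts):
    """Return a datetime, or None for N/A, no_information and missing values."""
    try:
        return datetime.fromisoformat(ts)
    except (TypeError, ValueError):
        return None


def audit(report_csv, now):
    """Return (user, finding) tuples for missing MFA and stale credentials."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        user = row["user"]
        is_root = user == "<root_account>"
        has_password = is_root or row["password_enabled"] == "true"
        keys = [n for n in (1, 2) if row.get(f"access_key_{n}_active") == "true"]

        if has_password and row["mfa_active"] != "true":
            findings.append((user, "no-mfa"))
        if is_root or not (has_password or keys):
            continue  # an idle root is desirable; no live credentials cannot go stale
        # Only credentials that are still enabled count as recent activity.
        used = [_parse(row["password_last_used"])] if has_password else []
        used += [_parse(row.get(f"access_key_{n}_last_used_date")) for n in keys]
        used = [t for t in used if t is not None]
        if not used or now - max(used) > STALE_AFTER:
            findings.append((user, "stale"))
    return findings


if __name__ == "__main__":
    for user, finding in audit(SAMPLE_REPORT, SAMPLE_NOW):
        print(f"{user}: {finding}")
```
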

***

#### Access Rule Configuration

Sprinto checks if access control rules are implemented correctly on critical systems, such as:

* Access based on role or business need
* Least-privilege enforcement
* Login protection on infrastructure services
* Access review configurations for sensitive systems

***

### Remediation Workflow

Each failing monitor includes a resolution workflow with:

1. Summary of the issue
2. Recommended steps to configure the required control
3. Links to platform-specific setup guides (e.g., AWS IAM, GitHub MFA)
4. Option to upload proof (evidence) if automation is not available

All changes made on external platforms (e.g., enabling MFA) are detected by Sprinto in the next sync cycle.

***

### Best Practices

* Enforce MFA universally and monitor its configuration via integrations.
* Review access control monitors weekly to identify policy drift.
* Lock unused accounts regularly.
* Maintain a documented access review process.

