Protection against cookie theft?

Hello,

i have a question about security related to cookie theft… We are evaluating Auth0 and its SSO functionality and i have done a simple test by importing cookies from one browser into another and was disappointed that it was instantly logged in. We are using the Implicit Grant flow with Silenth Authentication for SSO. Have i missed something or can someone provide some additional informations how to best implement protections against that case ? Any way to do it with the hooks ?

Thanks alot!

Hey there!

Sorry for such delay in response! We’re doing our best in providing the best developer support experience out there, but sometimes the number of incoming questions is just too big for our bandwidth. Sorry for such inconvenience!

Do you still require further assistance from us?