Hi @jrceja313, and thank you for your question!
The check and the corresponding notification are tied directly to these three specific events:
- During Signup: When a user creates a new account with a password.
- During Login: Each time a user attempts to log in with their username and password.
- During a Password Change: When a user resets their password or an administrator changes it via the Management API.
Auth0 does not perform periodic background scans of your entire user database against newly discovered breaches. The check is a real-time, transactional event that happens only at the moment a credential is provided to the system.
I hope this helps you!
Sincerely,
Teodor.