Security Features
Enterprise security features to protect your account and data
Security Features
Deck provides multiple layers of security to protect your account, data, and users. The available security features depend on your pricing tier.
Available Security Features
Credential Stuffing Prevention
Available in: All tiers (Starter, Pro, Enterprise)
Credential stuffing protection helps prevent automated attacks where bad actors try stolen username/password combinations from other breaches to access your account.
How it works:
- Monitors login attempts for suspicious patterns
- Blocks automated credential testing attempts
- Protects against brute force attacks using compromised credentials
- No action required from you - protection is always active
Bot Signup Detection
Available in: All tiers (Starter, Pro, Enterprise)
Bot signup detection prevents automated bots from creating fake accounts in your organization, keeping your data clean and preventing abuse.
How it works:
- Analyzes signup behavior patterns to distinguish humans from bots
- Blocks suspicious automated signup attempts
- Prevents spam accounts from polluting your user data
- Runs automatically during account creation
Passkeys (FIDO2)
Available in: Pro and Enterprise tiers
Passkeys provide passwordless authentication using FIDO2 standard, offering stronger security than traditional passwords.
Benefits:
- No password to remember or type
- Phishing-resistant authentication
- Uses biometric authentication (fingerprint, Face ID) or hardware security keys
- Faster and more convenient than passwords
How to enable:
- Go to Settings → Security
- Select Add Passkey
- Follow your device's prompts to register your passkey
- Use your passkey for future logins instead of a password
Supported devices:
- Modern smartphones with biometric authentication
- Laptops with fingerprint readers or Face ID
- Hardware security keys (YubiKey, etc.)
SAML/SSO
Available in: Enterprise tier only
Single Sign-On (SSO) with SAML 2.0 allows your organization to manage authentication through your identity provider.
Benefits:
- Centralized user management through your IdP
- Enforce your organization's authentication policies
- Automatic user provisioning and de-provisioning
- Single login for all your team's applications
Supported Identity Providers:
- Okta
- Microsoft Entra ID (Azure AD)
- Google Workspace
- OneLogin
- JumpCloud
- Any SAML 2.0-compliant identity provider
How to set up:
- Contact your Deck account manager or support@getdeck.io
- Provide your IdP metadata URL or XML file
- Our team will configure SAML for your organization
- Test the connection with a test user
- Roll out to your organization
Enterprise-only features:
- Force SAML/SSO login - disable password-based authentication
- Just-in-time (JIT) user provisioning
- Automated role assignment based on IdP attributes
- SCIM support for user lifecycle management
Security by Tier
| Feature | Starter | Pro | Enterprise |
|---|---|---|---|
| Credential stuffing prevention | ✅ | ✅ | ✅ |
| Bot signup detection | ✅ | ✅ | ✅ |
| Passkeys (FIDO2) | ❌ | ✅ | ✅ |
| SAML/SSO | ❌ | ❌ | ✅ |
Additional Security Best Practices
Regardless of your tier, follow these best practices:
- Use strong passwords - At least 12 characters with a mix of letters, numbers, and symbols
- Enable two-factor authentication (2FA) - Add an extra layer of security to your account
- Review audit logs - Regularly check who's accessing your account and when
- Limit admin access - Only give admin privileges to users who need them
- Keep software updated - Use the latest version of your browser and operating system
Need More Security?
If you need additional security features or have specific compliance requirements, contact our sales team to discuss Enterprise options:
- Email: sales@getdeck.io
- In-app: Settings → Support → Contact Sales