主权项 |
1. A method, comprising:
receiving a request to access an on-demand service from a requestor at the on-demand service, the request including credentials for logging into the on-demand service; determining, utilizing a hardware processor, that the requestor from which the request to access the on-demand service is received is a potentially risky source, the determination being based at least on:
information about the requestor, andinformation about one of a plurality of entities of the on-demand service to which the access is requested, wherein the information about the one of the plurality of entities is stored by the on-demand service; in response to the request to access the on-demand service and the determination that the requestor is the potentially risky source, managing access to the on-demand service by:
identifying information previously stored in association with the credentials that were received in the request to access the on-demand service, the information previously stored in association with the credentials indicating a message destination,sending, by the on-demand service, a token to the message destination,after sending the token to the message destination, challenging the requestor to provide the token to the on-demand service,determining whether the token is provided by the requestor to the on-demand service in response to the challenge,identifying the requestor as authenticated in response to a determination that the token is provided by the requestor to the on-demand service, and permitting the requested access to the on-demand service by the authenticated requestor, andidentifying the requestor as non-authenticated in response to a determination that the token is not provided by the requestor to the on-demand service, and prohibiting the requested access to the on-demand service by the non-authenticated requestor. |