Overview
The Warning Banner is a real-time intervention designed to alert users when they enter a weak password on a login page. It displays a subtle but clear banner directly within their browser, helping drive secure password hygiene at the moment it matters most.
This intervention supports our weak password detection capability, and is one of the most effective ways to coach users to take action without disrupting their workflow.
Why we built it
Many users reuse or create weak passwords without realising the risk — especially in third-party SaaS apps that sit outside corporate SSO.
The Warning Banner:
-
Surfaces this risk in context, right when it happens
-
Encourages users to proactively change their password
-
Improves engagement with password hygiene without needing additional training
-
Reduces the need for manual follow-up by security teams
How it works
When a user logs into a SaaS app using a password that falls below your configured password policy, CultureAI will trigger the Site Warning Banner to appear on that page.
The banner will:
-
Let the user know the password used is weak
-
Prompt them to take action (e.g. update it)
-
Only appear to the user who performed the action — via the CultureAI browser extension
How to Configure the Intervention
Follow these steps to enable the Site Warning Banner for weak password detection:
-
Navigate to the Human Risk Dashboard
-
Select SaaS accounts using weak password risk from Identity category
-
Click Configure Interventions
- Select Used a weak password from the Security Decision dropdown
-
Under JIT Education, select Display Site Warning Banner from the Coaching Event dropdown
-
Save your changes
Once configured, the intervention will run automatically whenever a weak password is detected during a login event.