CASE 93 · FOSTER · 2025
Two million users migrated, no password resets.
A consumer marketplace had two million users on a custom-rolled auth service that the team didn’t want to maintain anymore. We migrated to Cognito User Pools without forcing any user to reset their password — using Cognito’s lazy-migration trigger to verify credentials against the legacy store on first sign-in.
Consumer marketplace
SECURITY
2025
RESULTS
What changed, by the numbers.
PASSWORD RESETS REQUIRED: 0
USERS MIGRATED: 2M
LEGACY SHUTDOWN: WEEK 18
AUTH AVAILABILITY: 99.99%
HOW IT WENT
The custom auth service was three years old, run by one engineer who had moved teams, and held password hashes in a PostgreSQL table. Forcing password resets across two million users would have caused a measurable conversion-rate dent.
Cognito’s pre-authentication trigger let us verify credentials against the legacy store the first time a user logged in post-cutover. On success, Cognito created the user with the same password hash (re-hashed to its own format), and subsequent logins were served from Cognito directly. The legacy service handled fallback for users who hadn’t logged in yet.
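The lazy-migration step described above, as an added sketch (not the engagement's own code) of a Lambda handler for Cognito's Migrate User trigger, which receives the submitted password when the user is not yet in the pool. The legacy table contents, the PBKDF2 hash scheme, and the helper names `legacy_hash` and `verify_legacy` are assumptions; the page does not describe the legacy hash format.

```python
import hashlib
import hmac

# Assumption: the legacy store used PBKDF2-HMAC-SHA256 with a per-user salt.
ITERATIONS = 100_000

def legacy_hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

# Constructed stand-in for the legacy PostgreSQL table.
_SALT = b"constructed-salt"
LEGACY_USERS = {
    "alice": {"salt": _SALT, "hash": legacy_hash("correct horse", _SALT),
              "email": "alice@example.com"},
}

def verify_legacy(username: str, password: str):
    """Return the legacy record if the password matches, else None."""
    row = LEGACY_USERS.get(username)
    # Hash even for unknown users so both paths do the same work.
    salt = row["salt"] if row else _SALT
    candidate = legacy_hash(password, salt)
    expected = row["hash"] if row else b"\x00" * len(candidate)
    ok = hmac.compare_digest(candidate, expected)  # constant-time compare
    return row if (row and ok) else None

def lambda_handler(event, context):
    """Migrate User trigger: invoked only when the user is not yet in the pool."""
    if event["triggerSource"] != "UserMigration_Authentication":
        raise Exception("Unsupported trigger source")
    row = verify_legacy(event["userName"], event["request"]["password"])
    if row is None:
        # Same error for unknown user and wrong password; Cognito fails the sign-in.
        raise Exception("Bad credentials")
    event["response"]["userAttributes"] = {
        "email": row["email"],
        "email_verified": "true",  # assumption: the legacy store verified emails
    }
    event["response"]["finalUserStatus"] = "CONFIRMED"  # keep the submitted password
    event["response"]["messageAction"] = "SUPPRESS"     # send no invitation message
    return event
```

The trigger only sees the password when the app client signs in with a flow that sends it to Cognito, such as `USER_PASSWORD_AUTH`.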
After eighteen weeks, 80% of active users had been lazy-migrated. The remaining 20% (mostly inactive accounts) got a courtesy email and a graceful failure path. The legacy service was shut down with a 90-day backup retention period and no support tickets.