Block ip once after 5 incorrect logins in 10 minutes

I’m trying to implement my own method of preventing login once 5 incorrect logins occur in 10 minutes. I considered using a rule but it won’t be fired as a successful login is required to run rules. I understand there is auth0 anomaly detection but it is not going to satisfy the criteria I want.

1 Like

Could you please elaborate on what anomaly detection is missing that you would need?

I would like to be able to set my own failed login rules to 5 incorrect logins in 10 minutes from an ip address for a user. Anomaly detection is 10 failed logins from the same ip address for a user. Basically a way to customize anomaly detection to meet what I want.

1 Like

@richard.dowinton Any update on this? I also need to customize the brute force protection rules

1 Like

Hey there!

Sorry for such delay in response! We’re doing our best in providing you with best developer support experience out there but sometimes the number of incoming questions is just too big for our bandwidth, sorry for the inconvenience!

Passing your feedback straight to our product team! Thank you!

1 Like