Hi everyone, I am trying to implement Auth0 in my app but I am facing some problems trying to block the user when attempting to login 3 or more times.
So far I discover the following:
- Brute force: Not the same because it blocks the IP instead of the user.
- Breached password detection: Not needed at all for now.
- Rules: Are supposed to be triggered AFTER the user authenticates SUCCESSFULLY, so im not able to get failures for counting.
From my perspective this is a extremely basic feature, specially for a platform such this one. Am I missing something? Have anyone faced the same issue and is able to give me a hint?