Day 14: Attack Protection Instinct

Challenge Task: Imagine a bot tries to guess a user’s password 500 times in one minute. Which specific Auth0 security feature kicks in to block that IP address?

Submission Requirement: The name of the feature + does it block the user or the traffic?

Feature 1: Brute-force protection safeguards your tenant against attackers who use a single IP address to target a single user account.

Feature 2: Suspicious IP Throttling blocks traffic from any IP address that rapidly attempts too many logins or signups. This helps protect your applications from high-velocity attacks that target multiple accounts.

  • Blocks the suspicious IP address from logging in as that user and sends a notification to the affected user.

Footnotes:

https://auth0.com/docs/secure/attack-protection/brute-force-protection

https://auth0.com/docs/secure/attack-protection/suspicious-ip-throttling

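Added example, not part of the original post and not Auth0's implementation: a small Python model of the two counters described above, one keyed on the (IP, user) pair and one keyed on the IP alone, run over constructed login events. The class name, thresholds, window, and sample IPs and usernames are assumptions chosen for illustration.

```python
from collections import defaultdict, deque

# Assumed thresholds for illustration only; not Auth0's actual defaults.
PAIR_MAX_FAILURES = 10   # consecutive failures allowed per (ip, user) pair
IP_MAX_FAILURES = 100    # failures allowed per ip inside the window
IP_WINDOW_SECONDS = 60

class AttackProtectionModel:
    def __init__(self):
        self.pair_failures = defaultdict(int)  # (ip, user) -> consecutive failures
        self.ip_failures = defaultdict(deque)  # ip -> timestamps of recent failures
        self.blocked_pairs = set()
        self.notified_users = []

    def login(self, ts, ip, user, success):
        """Return 'blocked_pair', 'throttled_ip', 'ok' or 'failed'."""
        if (ip, user) in self.blocked_pairs:
            return "blocked_pair"      # this IP is refused for this user only
        window = self.ip_failures[ip]
        while window and ts - window[0] >= IP_WINDOW_SECONDS:
            window.popleft()           # forget failures older than the window
        if len(window) >= IP_MAX_FAILURES:
            return "throttled_ip"      # all traffic from this IP is refused
        if success:
            self.pair_failures[(ip, user)] = 0
            return "ok"
        window.append(ts)
        self.pair_failures[(ip, user)] += 1
        if self.pair_failures[(ip, user)] >= PAIR_MAX_FAILURES:
            self.blocked_pairs.add((ip, user))
            self.notified_users.append(user)  # stand-in for the user notification
        return "failed"

def single_user_guessing():
    """Constructed scenario: one IP, one account, 500 wrong passwords in a minute."""
    ap = AttackProtectionModel()
    r = [ap.login(i * 0.12, "203.0.113.7", "alice", False) for i in range(500)]
    other_ip = ap.login(61, "198.51.100.9", "alice", True)  # real user, other IP
    return r.count("failed"), r.count("blocked_pair"), other_ip, ap.notified_users

def many_user_spraying():
    """Constructed scenario: one IP, one wrong guess against each of 500 accounts."""
    ap = AttackProtectionModel()
    r = [ap.login(i * 0.12, "203.0.113.7", f"user{i}", False) for i in range(500)]
    return r.count("failed"), r.count("throttled_ip"), len(ap.blocked_pairs)

if __name__ == "__main__":
    print(single_user_guessing())
    print(many_user_spraying())
```

In the first scenario only the (IP, user) pair is blocked, so the same account can still sign in from another address; in the second no single pair ever reaches its limit and only the per-IP counter stops the traffic.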