In Bot detection what is "When risky"

tashi.wangdi · November 25, 2021, 10:17am

When enabling the Bot detection in the tenant, one of the option is the following:

"When Risky

Users are required to complete a CAPTCHA if the login is high risk."

Could someone explain what is considered a “high risk”? What is the criteria to decide that a login or sign up attempt is high risk?

Regards

konrad.sopala · November 25, 2021, 1:12pm

That’s a good question. Let me reach out to the team to find out more about that!

konrad.sopala · November 26, 2021, 4:15pm

Hey there!

It seems like I have an answer for you:

The Attack Protection intro page lists Bot Detection Risk Signals as associated with quality of IP traffic. If a user trying to login or create an account from an IP that could be part of a credential stuffing or list validation attack. Yhat is what we mean as a “high risk”

Topic		Replies	Views
Validate Captcha Enforcement due to Bot Detection with Risky Option Enabled Knowledge Articles tenant-logs , captcha , risky , bot_detection	1	203	June 12, 2024
Regarding Bot Detection under Attack Protection Help auth0 , login , bot-detection , attack-protection	2	2144	September 16, 2022
Auth0 Bot Detection Issue Knowledge Articles sms , captcha , bot-det , attacker , risky	1	1312	May 4, 2023
Captcha - Pre-login risk assessment Knowledge Articles recaptcha	1	1348	May 31, 2023
Enhanced Captcha Customization Feedback captcha	0	285	February 22, 2024

In Bot detection what is "When risky"

Related Topics