Auth0 Home Blog Docs

Is it possible to unblock users blocked by brute force protection automatically after some timeout period is reached?

brute-force
blocked-account

#1

For unblocking users Auth0 provides 3 methods mentioned in the anomaly detection page. Is it possible to unblock these blocked users automatically after some timeout period is reached?

Methods to unblock users:

  • An administrator removes the block via the Dashboard (by clicking unblock for all IPs under the ACTIONS button when viewing the user’s details) or by using the Management API ;

  • The User clicks on the “unblock” link provided in the email sent when the block went into effect;

  • The User changes their password.


#2

There is one community maintained extension application unblocking users with a configurable delay in this repository. Please note that unblocking users could allow hackers to make brute force login attempts. So use this extension, if you accept the risks it may cause.


#3