Provide sending limits for password reset emails

Feedback
1

Feature:
Provide sending limits for password reset emails.

Description:
Since password reset emails do not have send limits, malicious third parties can send spam emails by using Auth0.
So, Auth0 should have the measurement for this situation.
For example, if specific account send the multiple password reset emails, Auth0 will prohibit sending password reset within 24 hours.

Use-case:
Our company develops a mobile ordering application for the retail industry. We maintain strict security policies and believe it’s important to implement measures to address this issue.

2

Hey there!

Thank you for creating this feedback card! Make sure to upvote it so it can get as many votes as possible. We review those feedback cards on a monthly basis and will let you know once we have any updates on that front!

4 Likes
3

Hi there,

If not this then could we enable captcha for reset password?

1 Like