We’ve enhanced suspicious IP throttling to give Auth0 customers greater control: You can now customize how Auth0 detects and regulates suspicious traffic from a single IP address during end-user account creation and authentication.
Suspicious IP throttling safeguards against high-velocity attacks that target multiple accounts. When Auth0 detects a high number of consecutive, failed login or signup attempts from an IP address, suspicious IP throttling:
Suspends subsequent attempts from that IP address
Sends email notification to administrators
Auth0 uses an aggregate view of our platform traffic to establish thresholds for limiting suspicious traffic. These fixed values cover the vast majority of use cases. But customers with edge cases had no simple means of adjusting thresholds to meet their needs.
Previously, customers had no self-serve means of adjusting this threshold. Any modification would require intervention by Auth0 engineering.
Threshold manager for suspicious IP throttling lets you customize the thresholds from the Auth0 Management Dashboard. There are no delays or overhead; changes are instant. To learn more, read Suspicious IP Throttling in the Auth0 documentation.
If you have suggestions on how we can continue to make our product better, please let us know in the Auth0 community site.