Problem Statement
On the user details page of the dashboard, “BLOCKED(BRUTEFORCE)” is displayed. What are the conditions for marking a user as “BLOCKED(BRUTEFORCE)”?
Solution
“BLOCKED(BRUTEFORCE)” means the user is blocked by Brute Force Protection.
When the Brute Force Protection feature blocks an “identifier”, it does not matter whether a user account bound to that identifier exists. Brute Force Protection is triggered by consecutive failed login attempts, and when a login fails there is no way to tell whether the user exists.
The user details page of the tenant dashboard checks the following identifiers to determine whether the user is “BLOCKED(BRUTEFORCE)”:
- email of the user account
- username of the user account
- phone_number of the user account
- local part of the email of the user account
  For example, if the user’s email address is “user@example.com”, the local part of the email is “user”
- The substring after the last pipe (|) character of the user_id
  For example, if the user_id is ad|ad_connection|user, the identifier used to check for blocks is “user”
The last two conditions mainly apply to AD/LDAP connection users.
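The identifier rules listed above, written out as an added troubleshooting example (not the dashboard's own code). It shows that, under those rules, one blocked identifier can match more than one profile. The function names, the sample profiles, the exact-match comparison and the handling of a user_id without a pipe are assumptions.

```python
"""Added example: derive the identifiers the page lists for one user profile."""


def block_identifiers(user):
    """Return the set of identifiers checked for a user, per the list above.

    `user` is a dict with optional keys email, username, phone_number, user_id.
    """
    ids = set()
    for field in ("email", "username", "phone_number"):
        if user.get(field):
            ids.add(user[field])

    # Local part of the email: everything before the last "@".
    local, at, _domain = (user.get("email") or "").rpartition("@")
    if at and local:
        ids.add(local)

    # Substring after the last "|" of the user_id.
    # Assumption: a user_id without any "|" contributes nothing.
    _head, pipe, tail = (user.get("user_id") or "").rpartition("|")
    if pipe and tail:
        ids.add(tail)
    return ids


def users_shown_blocked(users, blocked_identifier):
    """user_ids whose details page would show the block for this identifier.

    Assumption: exact, case-sensitive match; the page does not describe
    any normalization.
    """
    return [u["user_id"] for u in users
            if blocked_identifier in block_identifiers(u)]


# Constructed sample profiles (not real accounts).
SAMPLE_USERS = [
    {"user_id": "ad|ad_connection|user", "email": "jdoe@corp.example"},
    {"user_id": "db|0001", "email": "user@example.com", "username": "alice"},
    {"user_id": "db|0002", "email": "bob@example.com", "phone_number": "+15550100"},
]

if __name__ == "__main__":
    for ident in ("user", "bob@example.com", "nobody"):
        print(ident, "->", users_shown_blocked(SAMPLE_USERS, ident))
```

With the constructed profiles, a block on the identifier “user” matches both the AD/LDAP account and the database account whose email local part is “user”.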