What conditions mark a user "BLOCKED(BRUTEFORCE)"?

Problem Statement

On the user details page of the dashboard, “BLOCKED(BRUTEFORCE)” is displayed. What are the conditions for marking a user “BLOCKED(BRUTEFORCE)”?

Solution

“BLOCKED(BRUTEFORCE)” means the user is blocked by Brute Force Protection.

When Brute Force Protection blocks an “identifier”, it does not matter whether a user account bound to that identifier exists. The feature is triggered by consecutive failed login attempts, and when a login fails there is no way to tell whether the user exists.

The user details page of the tenant dashboard checks the following identifiers to determine whether the user is “BLOCKED(BRUTEFORCE)”:

  • email of the user account
  • username of the user account
  • phone_number of the user account
  • local part of the email of the user account
    For example, if the user’s email address is “user@example.com”, the local part of the email is “user”.
  • The substring after the last pipe (|) character of the user_id
    For example, if the user_id is ad|ad_connection|user, the identifier used to check for blocks is “user”.

The last two conditions are mainly used by the AD/LDAP connection users.
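
The identifier list above, worked through as an added example (not Auth0's own code): it derives the candidate identifiers for a user profile and reports which ones appear in a block list. The function names, the `blocked` set and the sample profiles are constructed for illustration, and exact string comparison and the handling of a user_id without a pipe are assumptions.

```javascript
// Added example: derive the identifiers the article lists for one user profile
// and report which of them appear in a set of blocked identifiers.
// Assumption: identifiers are compared as exact strings (no normalization).

function candidateIdentifiers(user) {
  const found = new Map(); // identifier -> source that produced it (first wins)
  const add = (value, source) => {
    if (typeof value === 'string' && value.length > 0 && !found.has(value)) {
      found.set(value, source);
    }
  };

  add(user.email, 'email');
  add(user.username, 'username');
  add(user.phone_number, 'phone_number');

  // Local part: everything before the last "@" of the email.
  if (typeof user.email === 'string') {
    const at = user.email.lastIndexOf('@');
    if (at > 0) add(user.email.slice(0, at), 'email local part');
  }

  // Substring after the last "|" of the user_id.
  // Assumption: a user_id with no "|" contributes no identifier here.
  if (typeof user.user_id === 'string') {
    const pipe = user.user_id.lastIndexOf('|');
    if (pipe !== -1) add(user.user_id.slice(pipe + 1), 'user_id suffix');
  }
  return found;
}

function blockedMatches(user, blockedIdentifiers) {
  const matches = [];
  for (const [identifier, source] of candidateIdentifiers(user)) {
    if (blockedIdentifiers.has(identifier)) matches.push({ identifier, source });
  }
  return matches;
}

// Constructed sample data: one AD/LDAP-style profile, one database-style profile.
const adUser = { user_id: 'ad|ad_connection|user', email: 'user@example.com' };
const dbUser = { user_id: 'auth0|0123', email: 'alice@example.com', username: 'alice' };
const blocked = new Set(['user']); // stand-in for identifiers currently blocked

console.log(blockedMatches(adUser, blocked));
console.log(blockedMatches(dbUser, blocked));
```

A block on the bare identifier “user” matches the first profile through its email local part even though the full email address was never blocked, which is why the match source is worth recording when triaging a “BLOCKED(BRUTEFORCE)” status.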