When does the failed login count for Suspicious IP Throttling reset?

Problem statement:

Is it correct that the count of the number of failed logins for Suspicious IP Throttling does not reset even if the logins are successful, but needs to be reset by the administrator using the Management API?


That is correct. The failed login count does not reset after a successful login.

However, the threshold renews at the rate you configured in your Suspicious IP Throttling settings.

For example, setting the Throttling Rate to 100 where any given IP address can obtain 100 new login tokens per day.

See Suspicious IP Throttling to learn more.

Reference Materials: