Problem statement:
One of our users is locked out from logging into our application. The error logs from their failed login show:
{
“errorMessage”: “Your account has been blocked after multiple consecutive login attempts. We’ve sent you an email with instructions on how to unblock it.“,
“success”: false
}
Our user also never got the unblocking email with instructions. We would like to know how to unblock users when this happens?
Symptoms
- “Your account has been blocked after multiple consecutive login attempts. We’ve sent you an email with instructions on how to unblock it.“
Cause
- Exceeding the number of Maximum Attempts configured on your Brute-force Protection settings.
Solution
To unblock your users who have been blocked from brute-force protection, there are several options:
- The affected user selects the unblock link in the email notification (if configured).
- You can customize the template: Customize Blocked Account Emails
- The affected user changes their password (on all linked accounts).
- An administrator removes the block.
- Management API
- Auth0 Dashboard
- An administrator raises the Maximum Attempts login threshold.