[keycloak-user] Need to stop multiple reset password request
Stan Silvert
ssilvert at redhat.com
Wed Aug 15 15:13:16 EDT 2018
On 8/15/2018 11:49 AM, Khyati Kataria wrote:
> Hi,
>
> As per one of the vulnerability requirement, it should possible to
> block a hacker from flooding user's email box with the password reset
> feature.
>
> Can you please let us know if Keycloak can be configured to prevent
> this vulnerability.
I don't think so. This seems like something that could be handled by
your email server though.
>
>
>
>
>
> Thanks,
> Khyati Kataria
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list