[keycloak-user] Resending multiple emails via Keycloak and Missing Brute Force Detection message

[Katarzyna Sycz]

Hello,

We started using the Keycloak lately and we want to implement and adjust it
for our clients. However, we found two issues and I would like to ask you
for an answer. Unfortunately, I was not able to find a solution or
information in the docs.

   1. The issue concerns emails sent from Keycloak (for example, password
   reset, verification email) - now a user can keep clicking "Resend" link as
   many times as he wants. Are we able to limit it somehow to prevent spamming?
   2. Brute Force Detection - it seems to be working (user is blocked after
   5 attempts of inserting incorrect password as I see in the event log) but
   no message is shown, so a user can keep trying to log in because he is not
   informed he has been blocked. Can we somehow set an interface message for
   that?

I would appreciate any help.

Kind regards,
Katarzyna Sycz
-- 
[image: Eventival logo] <https://www.eventival.com/>
*Katarzyna Sycz*
Junior Software Developer
katarzyna.sycz at eventival.com
+420  <+420608632508>773 978 859
www.eventival.com