Makes sense. Should probably just be an option in brute force protection.
It would also have to logout the current session I guess, which brute force
doesn't do.
On 28 August 2017 at 19:58, John D. Ament <john.d.ament(a)gmail.com> wrote:
Hi,
Very obscure pattern here. We want to be able trigger brute force tracking
when someone incorrectly enters their current password on the change
password screen. It looks like we can do this in events, but wondering if
this is a common use case that makes sense to do in core of keycloak?
John
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user