[keycloak-user] Enabling Brute Force detection on account management changes
Stian Thorgersen
sthorger at redhat.com
Wed Aug 30 02:41:15 EDT 2017
Makes sense. Should probably just be an option in brute force protection.
It would also have to logout the current session I guess, which brute force
doesn't do.
On 28 August 2017 at 19:58, John D. Ament <john.d.ament at gmail.com> wrote:
> Hi,
>
> Very obscure pattern here. We want to be able trigger brute force tracking
> when someone incorrectly enters their current password on the change
> password screen. It looks like we can do this in events, but wondering if
> this is a common use case that makes sense to do in core of keycloak?
>
> John
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
More information about the keycloak-user
mailing list