Our signUp page starts with entering a username and validating the username against the directory. In case of a wrong username attempt, we need to track the IP address of a user and after a certain number of the wrong attempt, we need to disallow the user for more attempts for 10 mins.
Asked
Active
Viewed 337 times
1
-
Please refer this it may help you : https://learn.microsoft.com/en-us/azure/active-directory-b2c/threat-management – RahulKumarShaw Feb 07 '22 at 09:55
1 Answers
0
You can lockout the the account for specific time period of time who is trying to login with wrong credentail.
In the left menu, select Azure AD B2C. Or, select All services and search for and select Azure AD B2C.
Under Security, select Authentication methods (Preview), then select Password protection.
Under Custom smart lockout, enter your desired smart lockout settings:
Lockout threshold : You can set the a count after that sigin try use account will be lockout..
Lockout duration in seconds: For this Specfied period of time user can not login.
Reference : https://learn.microsoft.com/en-us/azure/active-directory-b2c/threat-management
You can track the IP address of user in sigin activity logs.
You can refer this MS document under View audit logs in the Azure portal
RahulKumarShaw
- 4,192
- 2
- 5
- 11