Okta Classic Engine | Multi-Factor Authentication | Answered | 2021-02-08T17:18:47.000Z | 2018-11-09T06:21:27.000Z | 2018-11-09T19:50:30.000Z

FrancoisD.20899 (Security) asked a question.

protect accounts to prevent them from being locked by attackers

Hello.

We deployed an Okta policy to lock the account after 5 failed attempts for 5 minutes for a web application.

But some script kiddies try to guess the password, and change IP using a free proxy list every 30 seconds. With more than 500 free proxies, updated every day, manually blocking the IPs is not a solution.

Legitimate users are now blocked.

What is the best solution, without adaptive MFA, to prevent this situation?

Thanks


  • If the attacks are starting on Office 365, the best way to combat the account lockouts when Adaptive MFA is unavailable is to disable legacy auth protocols (EAS/POP3/IMAP) on the Office 365 side, which are the most popular attack vector at this point. There are possible repercussions for this to your end users, so please verify ahead of time that this is an acceptable resolution.

    Thank you,

    BJ Lillo
    Senior Technical Support Engineer
    Okta Global Customer Care

This question is closed.
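
As an added example (not part of the original thread and not Okta code): a sketch that checks, from authentication events, whether an account's failed sign-ins match the pattern described in the question (enough failures to trigger lockout, spread over many source IPs) and what share of them arrived over the legacy protocols named in the answer. The event tuple layout, the 300-second counting window and the sample data are assumptions constructed for illustration, not an Okta log format.

```python
from collections import defaultdict

LEGACY = {"EAS", "POP3", "IMAP"}  # legacy protocols named in the answer
THRESHOLD = 5                     # failed attempts before lockout (from the question)
WINDOW = 300                      # seconds; the counting window is an assumption

# Constructed sample events: (epoch seconds, user, source IP, client, outcome).
# Field layout is hypothetical; IPs are from documentation ranges.
EVENTS = [
    (0,   "alice", "198.51.100.10", "IMAP", "FAILURE"),
    (30,  "alice", "198.51.100.11", "IMAP", "FAILURE"),
    (60,  "alice", "198.51.100.12", "POP3", "FAILURE"),
    (90,  "alice", "198.51.100.13", "IMAP", "FAILURE"),
    (120, "alice", "198.51.100.14", "EAS",  "FAILURE"),
    (150, "alice", "203.0.113.5",   "WEB",  "SUCCESS"),
    (10,  "bob",   "203.0.113.7",   "WEB",  "FAILURE"),
    (20,  "bob",   "203.0.113.7",   "WEB",  "FAILURE"),
    (40,  "bob",   "203.0.113.7",   "WEB",  "SUCCESS"),
]

def summarize_failures(events, threshold=THRESHOLD, window=WINDOW):
    """Per user: failure count, distinct IPs, lockout trigger, legacy share."""
    per_user = defaultdict(list)
    for ts, user, ip, client, outcome in events:
        if outcome == "FAILURE":
            per_user[user].append((ts, ip, client))
    report = {}
    for user, fails in per_user.items():
        fails.sort()
        times = [ts for ts, _, _ in fails]
        # True if any `threshold` consecutive failures fit inside one window.
        would_lock = any(times[i + threshold - 1] - times[i] <= window
                         for i in range(len(times) - threshold + 1))
        legacy = sum(client in LEGACY for _, _, client in fails)
        report[user] = {
            "failures": len(fails),
            # Many distinct IPs means per-IP blocking will not stop the lockouts.
            "distinct_ips": len({ip for _, ip, _ in fails}),
            "would_lock": would_lock,
            # Share of failures that disabling legacy protocols would remove.
            "legacy_share": legacy / len(fails),
        }
    return report

if __name__ == "__main__":
    for user, row in summarize_failures(EVENTS).items():
        print(user, row)
```

A high `legacy_share` on locked-out accounts indicates the lockouts are arriving through the protocols the answer proposes disabling; a low one means that change alone will not relieve them.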