We had a staff user who was attempting to log in for the first time to the beta environment and failed multiple times over the course of several days while traveling. This combination caused the Cognito threat protection system to block the user from logging in, as it was flagged as a risk of account takeover. We have some configuration we can set to determine when a user should be blocked, or when they should just be required to use MFA (which we already do by default for prod and beta).
The purpose of this ticket is to determine what configuration options we have available and configure those desired changes in Cognito, if any, as determined by management.
This may be part of MVP launch, or we may decide to address it if more issues like this pop up, as it should only require minor configuration changes to implement.
Notes
Questions
Assumptions
Estimate
3
Implementation Notes
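
One way to express the block-versus-MFA choice described above, as an added example that is not the project's own code: Cognito's account takeover risk configuration takes one event action per risk level (`BLOCK`, `MFA_IF_CONFIGURED`, `MFA_REQUIRED` or `NO_ACTION`). The helper names and the sample current/proposed settings are assumptions constructed for illustration; `set_risk_configuration` is the boto3 call for the SetRiskConfiguration API.

```python
# Added example, not the project's code. Sample settings below are constructed.
ALLOWED_ACTIONS = {"BLOCK", "MFA_IF_CONFIGURED", "MFA_REQUIRED", "NO_ACTION"}
LEVELS = ("Low", "Medium", "High")


def build_ato_config(actions):
    """Build AccountTakeoverRiskConfiguration from {"Low": ..., "Medium": ..., "High": ...}."""
    unknown = set(actions) - set(LEVELS)
    missing = [lvl for lvl in LEVELS if lvl not in actions]
    if unknown or missing:
        raise ValueError(f"unknown levels {sorted(unknown)}, missing levels {missing}")
    for lvl, action in actions.items():
        if action not in ALLOWED_ACTIONS:
            raise ValueError(f"{lvl}: {action!r} is not a Cognito event action")
    # Notify=False: no notification e-mail is sent when the action fires.
    return {"Actions": {f"{lvl}Action": {"Notify": False, "EventAction": actions[lvl]}
                        for lvl in LEVELS}}


def blocking_levels(config):
    """Risk levels at which a sign-in is refused outright rather than challenged."""
    return [lvl for lvl in LEVELS
            if config["Actions"].get(f"{lvl}Action", {}).get("EventAction") == "BLOCK"]


def diff_actions(current, proposed):
    """(level, old, new) for each level whose action would change; None = unset."""
    changes = []
    for lvl in LEVELS:
        old = current.get("Actions", {}).get(f"{lvl}Action", {}).get("EventAction")
        new = proposed["Actions"][f"{lvl}Action"]["EventAction"]
        if old != new:
            changes.append((lvl, old, new))
    return changes


def apply_config(user_pool_id, config):
    """Push the configuration to a user pool (needs boto3 and AWS credentials)."""
    import boto3  # imported here so the review helpers above run offline
    client = boto3.client("cognito-idp")
    return client.set_risk_configuration(
        UserPoolId=user_pool_id, AccountTakeoverRiskConfiguration=config)


# Constructed sample values, not the project's real settings.
CURRENT = build_ato_config({"Low": "NO_ACTION", "Medium": "MFA_IF_CONFIGURED", "High": "BLOCK"})
PROPOSED = build_ato_config({"Low": "NO_ACTION", "Medium": "MFA_REQUIRED", "High": "MFA_REQUIRED"})

if __name__ == "__main__":
    print("blocks at:", blocking_levels(CURRENT), "->", blocking_levels(PROPOSED))
    for level, old, new in diff_actions(CURRENT, PROPOSED):
        print(f"{level}: {old} -> {new}")
```

These actions only apply when the pool's threat protection is in enforcement mode; in audit-only mode Cognito records the risk but takes no action.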
