mharveyDC
commented
1 month ago Preventing users from setting their password to a password they've used in the past would also be a great addition if they need to change their password, or if their password has expired.
Is your feature request related to a problem? Please describe. To reduce the effectiveness of attempts to compromise a user account, things like preventing an account from logging in if enough failed login attempts have been made would be great.
Describe the solution you'd like A policy that can be attached to an identification stage, that prevents further logins on a user account if a specified limit has been reached, within a specified amount of time, and preventing logins for a specified amount of time would be great.