Brute-force protections
Strivacity is designed from the ground up to secure against malicious behavior. This security-by-design approach mitigates against brute-force attacks and limits the ability of suspicious entities to gain unauthorized access to your systems.
Password Brute-force Protection
When someone or something is trying to log in, we detect when a bad password is entered from an IP address too many times for a particular account. When this happens, the session is automatically terminated from the Strivacity instance.
MFA Brute-force Protection
When someone or something is trying to login in, we detect when an incorrect one-time password or magic link timeout occurs from an IP address too many times for a particular account. When this happens, the session is automatically terminated from the Strivacity instance
Suspicious IP Throttling
We monitor the velocity of attempts from an IP address to perform any of the following account-related actions too many times:
- Login
- Registration
- Self-Service Password Reset
- Forgotten Username
- MFA Requests
- Admin Console Access
When this happens, the session is automatically terminated from the Strivacity instance.
Updated 5 months ago