Back to Home PageView SDKs on GithubView APIs in ReadmeSystem Status
Search…
Prague
Strivacity Fusion: Prague Release
SUPPORT INFORMATION
Raising a Support Ticket
Security Vulnerability Response
Reporting a Security Issue
Our Service Level Commitment
Getting Started
Overview
Product Components
Pre-Configured Best Practices
Using the Dashboard
Overview
APIs
Using the REST APIs
Adaptive APIs
Administrative APIs
Anonymous Visitor and Consent APIs
Authentication APIs
Customer Lifecycle APIs
Customer Self-Service APIs
API security policy
Setup and Manage
Adaptive Multi-factor Authentication
Claim Dialects
Consent Management
Enterprise Login
Identity Stores
Password Polices
Integrate Your Applications
Lifecycle Event Hooks
Notification Policies
Self-service
Rebranding and Customization
Using Your Own Brand, Logos, and Color Schemes
Using Multiple Custom Domain Names
Customizing Email Templates
Customizing SMS Templates
Rebranding the Admin Console
Localization
Managing Accounts and Groups
Overview
Creating an Account
Editing an Account
Delete an Account
Enable/Disable an Account
Creating a Group
Deleting a Group
Managing Group Membership
Configuration
Admin Roles
Admin Adaptive MFA
Admin Branding
Admin Notifications
Admin Users
General
Logging
REST API Access Policies
Integrations
CRM, CDP, and Marketing
External identity providers
Passwordless
Identity proofing
Productivity
Security
Social Login
Developer SDKs
Overview
Android Mobile SDK
iOS Mobile SDK
Architecture and Deployment
Rate Limiting
Brute-force Protections
Regional Availability
Powered By GitBook
Brute-force Protections
Strivacity Fusion is designed from the ground up to secure against malicious behavior. This security-by-design approach mitigates against brute-force attacks and limits the ability of suspicious entities to gain unauthorized access to your systems.

Password Brute-force Protection

When someone or something is trying to log in, we detect when a bad password is entered from an IP address too many times for a particular account. When this happens, the session is automatically terminated from the Strivacity instance.

MFA Brute-force Protection

When someone or something is trying to login in, we detect when an incorrect one-time password or magic link timeout occurs from an IP address too many times for a particular account. When this happens, the session is automatically terminated from the Strivacity instance

Suspicious IP Throttling

We monitor the velocity of attempts from an IP address to perform any of the following account-related actions too many times:
  • Login
  • Registration
  • Self-Service Password Reset
  • Forgotten Username
  • MFA Requests
  • Admin Console Access
When this happens, the session is automatically terminated from the Strivacity instance.
Architecture and Deployment - Previous
Rate Limiting
Next - Architecture and Deployment
Regional Availability
Last modified 6mo ago
Export as PDF
Copy link
Contents
Password Brute-force Protection
MFA Brute-force Protection
Suspicious IP Throttling