Be alerted to potential security issues
A recommendation from a recent pen test was to set up account lockout alerts to warn in the event of an attacker attempting to brute-force logins.
Is this something that Kinde handles? I cannot find anything specific in the UI or docs. Looking at webhooks I was thinking it could be possible by capturing the user.authentication_failed event and processing externally?
Hi there, thanks for reaching out.
Kinde automatically provides brute-force protection by locking out accounts after a configurable number of failed sign-in attempts (defaults: 5 attempts, 5-minute lockout), but it does not natively send alerts or notifications when an account is locked out due to repeated failures.
If I understand you correctly, you want to warn the attackers before locking out the accounts?
Hi Patrick, thanks for the quick response. We are looking to be able to be alerted to potential escalating threats to our business, in this case by detecting an unusually high number of lockout events with the view to then be able to respond in some way.
Hi there, I understand.
As I mentioned earlier, Kinde does not offer a built-in solution for this issue. However, as you pointed out, you can implement custom logic using webhooks. I will reach out to our engineering team to see if they have any valuable insights on this matter.
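One way to build the "custom logic using webhooks" mentioned above, as an added example that is not part of this thread or of Kinde's own code: a small sliding-window monitor that consumes decoded `user.authentication_failed` events, infers a lockout when a user reaches the threshold inside the window (using the 5 attempts / 5 minutes defaults quoted earlier), and raises an escalation alert when several distinct accounts are locked out within a short period. It assumes the webhook has already been verified and decoded upstream into a dict with a `type` key and a `data.user.id` field; that payload shape, the function names, and the escalation thresholds are assumptions for illustration, not Kinde's documented format.

```python
"""Sliding-window detector for escalating failed-sign-in activity fed by webhook events."""
from collections import defaultdict, deque

EVENT_TYPE = "user.authentication_failed"  # event name mentioned in the thread
LOCKOUT_ATTEMPTS = 5        # Kinde default quoted in the thread
LOCKOUT_WINDOW = 300        # seconds; the 5-minute default quoted in the thread
ESCALATION_USERS = 3        # constructed threshold: distinct users locked out within ESCALATION_WINDOW
ESCALATION_WINDOW = 900     # seconds; constructed threshold


def extract_user_id(event):
    """Return the user id from a decoded event.

    ASSUMPTION: the verified, decoded webhook body is a dict with a "type" key and
    a "data" key holding {"user": {"id": ...}}. Adjust to the real payload shape.
    """
    return event["data"]["user"]["id"]


class FailedAuthMonitor:
    def __init__(self):
        self._failures = defaultdict(deque)  # user_id -> timestamps of recent failures
        self._lockouts = deque()             # (timestamp, user_id) of inferred lockouts
        self.alerts = []                     # every alert raised, in order

    @staticmethod
    def _prune(queue, now, window, key=lambda item: item):
        """Drop entries older than `window` seconds from the left of a deque."""
        while queue and now - key(queue[0]) > window:
            queue.popleft()

    def handle_event(self, event, now):
        """Process one decoded webhook event observed at `now` (epoch seconds).

        Returns the list of alerts raised by this event (possibly empty).
        """
        if event.get("type") != EVENT_TYPE:
            return []
        user_id = extract_user_id(event)
        raised = []

        recent = self._failures[user_id]
        recent.append(now)
        self._prune(recent, now, LOCKOUT_WINDOW)
        if len(recent) >= LOCKOUT_ATTEMPTS:
            # Reaching the threshold inside the window is the point at which the
            # account would be locked; record it and start counting afresh.
            recent.clear()
            self._lockouts.append((now, user_id))
            raised.append({"kind": "user_lockout", "user_id": user_id, "at": now})

            # Escalation: many distinct accounts locked out in a short period.
            self._prune(self._lockouts, now, ESCALATION_WINDOW, key=lambda item: item[0])
            distinct = {uid for _, uid in self._lockouts}
            if len(distinct) >= ESCALATION_USERS:
                raised.append({"kind": "escalation", "users": sorted(distinct), "at": now})

        self.alerts.extend(raised)
        return raised


def make_event(user_id):
    """Build a constructed event in the assumed shape (not a real Kinde payload)."""
    return {"type": EVENT_TYPE, "data": {"user": {"id": user_id}}}


def replay(monitor, timeline):
    """Feed (timestamp, user_id) pairs to the monitor; return the alert kinds raised."""
    kinds = []
    for ts, uid in timeline:
        kinds.extend(a["kind"] for a in monitor.handle_event(make_event(uid), ts))
    return kinds


if __name__ == "__main__":
    monitor = FailedAuthMonitor()
    # Constructed timeline: three accounts each hit the lockout threshold within minutes.
    timeline = (
        [(t, "user_A") for t in range(5)]
        + [(60 + t, "user_B") for t in range(5)]
        + [(120 + t, "user_C") for t in range(5)]
    )
    replay(monitor, timeline)
    for alert in monitor.alerts:
        print(alert)
```

In a deployment the `raised` alerts would be forwarded to whatever the team already watches (a SIEM, a chat channel, a pager), and the thresholds tuned to the normal rate of lockouts for the user base; the per-user and cross-user windows are kept separate so a single forgotten password does not page anyone, while a spread of lockouts across many accounts does.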
Piggy-backing off of this, it would be great if Kinde could consider offering this sort of capability (even if it's just some report available via your admin portal).
Whilst a webhook solution may exist, it feels like this falls more within the area of responsibility of Kinde than those of us sitting at the 'application layer'.
Having had to respond to many RFPs in the past, this is not an unusual question to have to respond to.
Hi there, that sounds reasonable. You can submit your idea using the "Leave feedback" or "Share your thoughts" option on the feature hub page so we can plan for our roadmap.
https://updates.kinde.com/
NP, done