{"componentChunkName":"component---src-pages-markdown-remark-fields-slug-js","path":"/engineering/bruteforce-lock-and-unlock/","result":{"data":{"markdownRemark":{"id":"b9026a02-df51-568b-a4d8-9607a9945690","excerpt":"First, let's understand some basic terminology. Basic Terminology Brute-force attack: A method where every possible combination of characters or values is…","html":"

First, let's understand some basic terminology.

\n

Basic Terminology

\n
    \n
  1. Brute-force attack: A method where every possible combination of characters or values is systematically tried to gain unauthorized access to a system, application, or data.
    2. \n
  2. Brute-force lock: Brute-force lock is a type of account lock made to prevent a bruteforce attack.
    3. \n
  3. Brute-force lockout: Brute-force lockout is a security mechanism that blocks access after a certain number of failed authentication attempts to prevent unauthorized access through repeated trial and error.
    4. \n
  4. CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart): CAPTCHA is a method used to determine whether a user is human by presenting a challenge that is easy for humans to solve but difficult for bots.
    5. \n
  5. Multi-Factor Authentication (MFA): MFA is a security method that requires multiple forms of identification to grant access, typically combining something the user knows, has, and is.
    6. \n
\n

In LoginRadius, you can implement brute-force lockout using APIs.

\n
\n

To implement brute-force lockout, please register in the LoginRadius Admin Console.

\n
\n

Let's go through the API implementation of brute-force lockout and user unlock.

\n

API Implementation for Brute-force Lockout

\n

Creating a Basic Application

\n
    \n
  1. To implement brute-force lockout using API, create a simple app with login and registration features.
    2. \n
  2. This can be done by using Admin Console.
    3. \n
  3. Navigate through Deployment > Identity Experience Framework.
    4. \n
  4. You can design the required application using theme, customization, preview, and implement options.
    5. \n
  5. You can also customize the predefined templates if needed.
    6. \n
\n
\n

You can view the created app using the link https://<app-name>.hub.loginradius.com/auth.aspx in the implement section of the Identity Experience Framework or from the preview section.

\n
\n

Brute-force Lockout

\n

Enabling

\n

In LoginRadius, the brute-force lockout feature can be enabled from the Admin Console.

\n

\n \n \n

\n
    \n
  1. Now, log out and try to log in with incorrect credentials.
    2. \n
  2. If the password is incorrect successively till the lockout threshold, the account gets locked.
    3. \n
  3. Therefore, brute-force lockout is achieved.
    4. \n
\n

\n \n \n

\n
\n

In the Admin Console, you can set the brute-force lockout threshold, lockout type, and suspend effective period.

\n
\n

Lockout Types in LoginRadius

\n

LoginRadius supports the following lockout types:

\n
    \n
  1. Suspend: Suspends further login attempts after multiple failed tries for a certain amount of time, deterring automated attacks and enhancing system security by limiting access from suspicious sources.
    2. \n
  2. \n

    CAPTCHA:

    \n\n
    \n

    Refer CAPTCHA in miscellaneous section to learn more.

    \n
    \n
    3. \n
  3. Security Questions: A personalized query set up by the user to verify identity to unlock a locked account with valid credentials.
    4. \n
  4. Block: Restricts login attempts from a specific source (email ID or username) after multiple failed tries, enhancing security against unauthorized access.
    5. \n
\n

Unlocking an Account Locked through Brute-force Lockout

\n

You can unlock the locked user account in two ways, using:

\n
    \n
  1. Account Update API from the LoginRadius Account API collection.
    2. \n
  2. Auth Unlock Account by Access Token from the LoginRadius Authentication API collection.
    3. \n
\n
\n

For more understanding on Auth Unlock Account, refer Auth Security Configuration

\n
\n

Account Update API from the LoginRadius Account API Collection

\n

Calling the Account Update API with the provided endpoint, using the given method, providing the apisecret and apikey, and formatting the given body will unlock the account.

\n
    \n
  1. Endpoint: https://api.loginradius.com/identity/v2/manage/account/{uid}
    2. \n
  2. Method: PUT
    3. \n
  3. Parameters: apisecret, apikey
    4. \n
  4. Body:
    5. \n
\n
{\n   ...\n  "FirstName": "Test",\n  "MiddleName": null,\n   ...\n}
\n
    \n
  1. Response:
    2. \n
\n
{\n    ...\n    "LoginLockedType": "None",\n    "Email": [\n        {\n            "Type": "Primary",\n            "Value": "user1@yopmail.com"\n        }\n    ],\n    ...\n}
\n
\n

\n \n \n

\n

Conclusion

\n\n

Miscellaneous

\n

CAPTCHA

\n

LoginRadius supports the following types of CAPTCHAs:

\n\n

Multi-Factor Authentication (MFA):

\n\n

To understand more about LoginRadius APIs, refer to the API docs.

\n","headings":[{"value":"Basic Terminology","depth":2},{"value":"API Implementation for Brute-force Lockout","depth":2},{"value":"Creating a Basic Application","depth":3},{"value":"Brute-force Lockout","depth":3},{"value":"Enabling","depth":4},{"value":"Testing","depth":4},{"value":"Lockout Types in LoginRadius","depth":3},{"value":"Unlocking an Account Locked through Brute-force Lockout","depth":3},{"value":"Account Update API from the LoginRadius Account API Collection","depth":4},{"value":"Conclusion","depth":2},{"value":"Miscellaneous","depth":2},{"value":"CAPTCHA","depth":3},{"value":"Multi-Factor Authentication (MFA):","depth":3}],"fields":{"slug":"/engineering/bruteforce-lock-and-unlock/"},"frontmatter":{"metatitle":null,"metadescription":null,"description":"In this blog, you'll learn about brute-force lockout, the creation of a basic app using Identity Experience Framework, and how to unlock a user account using APIs.","title":"Testing Brute-force Lockout with LoginRadius","canonical":null,"date":"May 29, 2024","updated_date":null,"tags":["Brute-force","LoginRadius","Authentication"],"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/1ff36040268e755844bfd2e543baf5b5/03979/implementing-brute-force-lockout.png","srcSet":"/static/1ff36040268e755844bfd2e543baf5b5/f5f11/implementing-brute-force-lockout.png 200w,\n/static/1ff36040268e755844bfd2e543baf5b5/6d133/implementing-brute-force-lockout.png 400w,\n/static/1ff36040268e755844bfd2e543baf5b5/03979/implementing-brute-force-lockout.png 800w,\n/static/1ff36040268e755844bfd2e543baf5b5/aca38/implementing-brute-force-lockout.png 1200w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Gayathri Suresh","github":"gayathrisuresh150501","bio":"Discover the World of a Dynamic Software Engineer: Competitive Coder, Gamer, Badminton, and Handball Player. Enjoys Novels, Embraces All-Round Development, and Passionate about Making a Difference!","avatar":null}}}},"pageContext":{"id":"b9026a02-df51-568b-a4d8-9607a9945690","fields__slug":"/engineering/bruteforce-lock-and-unlock/","__params":{"fields__slug":"engineering"}}},"staticQueryHashes":["1171199041","1384082988","1711371485","1753898100","2100481360","229320306","23180105","528864852"]}