Hi All,
We are trying to set BruteForce Mechanism in the Keycloak. But, the fields which are there for temporary lockout are quite confusing. I checked the description provided by keycloak but it is not straight forward.
Can someone help in understanding with easy examples how these fields work?
Max Login Failure - Total number of login failures after which account will be locked
Wait Increment -
Max Wait - After max wait time reached, user will be enabled automatically
Failure Reset Time - Time after which failure count will be reset (is it applied in the case where user is not locked but login failure count is greater than zero)
Quick Login Check Milliseconds - User will be locked if login is failed multiple times within mentioned time.
Minimum Quick Login Wait -
Along with this we are also trying to get the custom error message to ask user wait before trying multiple logins too quickly.
For this, which class or method we can modify to get the error message? Also, in which keycloak DB table these values get stored?