While logging into your web application, you may sometimes type in the wrong credentials. Either your email address or password may not match. Your web application has a limit to the number of times the invalid entry of a user is permitted in an hour as a security measure.
- As a user, you are allowed to enter invalid credentials (email, password combo) up to a max of 10 times in an hour. Say, you forgot your password, you can reset your password using the Forgot password option before reaching the limit.
- If you continue entering invalid credentials more than 10 times, you will receive the following error:
- After 2 hours, you can try logging in again.
- You will also get an email with an unlock link sent to your email once your account gets locked. You can click on the link to unlock your account immediately.
Note: The above limit is inclusive of both Web and Mobile logins together. Say you login successfully after 5 invalid attempts, your limit is restored to 10 per hour.