We've added a security layer on the member portal login side, where, the number of unsuccessful tries plays a major role.
It means that, on the portal, we'll be providing the maximum number of 6 attempts where the user has to login successfully to the account. If the user has consecutively 6 login fail attempts, their account will either be blocked for 24 hours or they will have to reset the password.
If it's the first or second attempt, you will be able to see an error message stating "Invalid email/password combination"
If it's a consecutive failure attempt after the first and second, you will be able to see an error message stating "Invalid email/password combination. N Attempts Remaining." where N = Total attempts (6) - Current attempt
When it's a third consecutive unsuccessful attempt -
You will either need to wait 24 hours to regain the new 6 attempts or reset the password.
In the case mentioned above, as the chain of consecutive 6 failed attempts is broken, then post the successful attempt, the user will again receive 6 attempts for the retry.
This feature is available with the following license :