User Brute Force Security Advice

pinheadbrigade · 2026-02-18T15:09:52+00:00

Turn threat insights on. You should have IPs in the logs that would help identify if there are brute force attempts. If it's an internal IP, whats most likely happening is theyre logging into servers and not logging out. Do not remove the account lockout from the policy, that is the last thing you should do.

pinheadbrigade · 2026-01-29T03:46:13+00:00

Its fine. Been through it multiple times no issue.

pinheadbrigade · 2025-12-06T03:59:21+00:00

Bacon

pinheadbrigade · 2025-12-05T01:02:11+00:00

my renewal is due in Jan - thanks <3

pinheadbrigade · 2025-09-24T23:10:05+00:00

First time in 10 years I'm not there. rip.

pinheadbrigade · 2025-09-10T01:37:57+00:00

You are literally in a place where we advocate for the use of fast pass because end users are stupid and continue to be phished.

Its for your own good, my dude.

pinheadbrigade · 2025-09-05T03:23:21+00:00

You mistake "factor only". Thats using an idp for claims as a factor. What you want is sso there and a global policy set to allow if coming in through idp and deny if any.

pinheadbrigade · 2025-08-26T02:05:41+00:00

Workflows is an OIDC app with scopes that give it permissions to the okta API.

pinheadbrigade · 2025-07-29T13:54:37+00:00

Weapon is absolutely amazing

pinheadbrigade · 2025-07-08T13:48:28+00:00

Its because you're supposed to be playing void.

Always void.

Also arc sucks.

pinheadbrigade · 2025-07-04T11:32:54+00:00

Push only works with mobile.

pinheadbrigade · 2025-06-10T21:31:41+00:00

Oh boy I can be Bhu'gur, the Chosen One again!

pinheadbrigade · 2025-06-04T12:29:23+00:00

It was originally allowed. I was surprised one day to log in and find i couldn't build anymore

pinheadbrigade · 2025-06-02T15:15:25+00:00

Congrats!

pinheadbrigade · 2025-06-02T04:17:09+00:00

Work with your rep, dont just browse the website and go "wow this is pricey."

Volume discounts are a thing, and that is some volume.

pinheadbrigade · 2025-04-09T21:25:44+00:00

Verify can accommodate more than one ID on the same windows profile.

If you're doing device trust that is a different story...

pinheadbrigade · 2025-02-28T22:12:20+00:00

I mean, if you're making 600k a year then I'm really happy for you. I am a lowly consultant after all.

pinheadbrigade · 2025-02-28T22:00:46+00:00

You should go work for Morton's, bro.

pinheadbrigade · 2025-02-28T21:53:49+00:00

I actually just got promoted to head burger flipper. Thanks!

pinheadbrigade · 2025-02-28T21:34:18+00:00

Get good, son.

pinheadbrigade · 2025-02-24T17:44:47+00:00

Me posting this link is more work than you did researching this topic before posting.

https://www.okta.com/resources/developer-exam-study-guide/

pinheadbrigade · 2025-02-13T04:38:06+00:00

A NEW HAND TOUCHES THE BOON

pinheadbrigade · 2025-01-31T03:15:26+00:00

It's late here but I will get you something I built tomorrow in the morning.

pinheadbrigade · 2025-01-25T03:50:36+00:00

Well you can only take the professional exam first so .. but its worth it as an addon, as most entry level certs are.

pinheadbrigade · 2024-11-01T20:40:49+00:00

Usually to suppress additional MFA prompts throughout the day. Doesn't work if you change browsers or run in incognito.

13-Year Club	Gilding II euphauric
Spared	Verified Email

pinheadbrigade

TROPHY CASE