|
|
|
|
|
|
by HenryBemis
2087 days ago
|
|
|
Logging IP address and have some AI/SIEM comparing IPs of regular/past use to IPs on-or-after a password reset can give 'some' level of comfort. E.g. if someone has extensive use from NY-USA IP address and the requests came from a Paris-FR IP address then 99% it is an attack and you block or send out email/SMS (just in case) or 1% that person's company guest WiFi surfaces in another country (e.g. mega-big insurance company in London has corp internet exiting in Chicago and guest network exiting in London). In any case, it is better/safer to cause some slight inconvenience to prevent data leak. |
|
|