Reputation: 67
Are Azure Smart Lockout features now available for B2C
I'm trying to determine if Azure Smart Lockout features are now available for B2C as of today? I've found older documents discussing it, but I'm unable to find any official word if it is now available. In the B2C tenant, under AD, Authentication methods is showing and you can open it up. However, it says its in Preview and everything greyed out. Does this mean that it will be available in B2C soon to be able to control lockout parameters? Azure Smart Lockout documentation states that Smart Lockout will require minimum of AD Basic or high account to function. Does anyone know if the B2C tenant will require its own lic or will a lic in the base subscription cover it?
Thx
Upvotes: 1
Views: 1451
Answers (3)
Reputation: 1
Azure Smart Lockout features are available for B2C. See this article for details. I wasn't able to save those values for some of my B2C tenants from Azure portal, but i was able to change Lockout threshold and lockout duration using Graph API using instructions from this post.
Upvotes: 0
Reputation: 2378
Similar functionality to "smart lockout" is available in a B2C tenant, but isn't (yet) customisable.
Screenshot below of testing getting locked out after entering the password incorrectly 10 times (the default setting).
According to Microsoft docs (https://learn.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-reference-threat-management)
Azure AD B2C uses a sophisticated strategy to lock accounts. The accounts are locked based on the IP of the request and the passwords entered. The duration of the lockout also increases based on the likelihood that it's an attack. After a password is tried 10 times unsuccessfully, a one-minute lockout occurs.
[cut]
Currently, you can't:
- Trigger a lockout with fewer than 10 failed logins
- Retrieve a list of locked out accounts
- Configure the lock out policy
Upvotes: 0
Reputation: 14654
If you are referring to Azure AD smart lockout being available for the local accounts in an Azure AD B2C tenant, then currently this isn't available.
Also note, the Azure AD Basic and Premium licenses aren't applicable to an Azure AD B2C tenant (in fact, the "Licenses" menu should be disabled).
Upvotes: 1
Related Questions
- Azure AD B2C block sign in from external identity providers
- How to test the lockout policy of azure ad b2c
- Can we use AD level features(like conditional access policy and device management, etc) in Azure AD B2C?
- Azure AD B2C authentication
- Azure AD b2c Account lockout threshold
- Azure ad b2c account lockout
- Does Azure Active Directory B2C already support Multifactor Authentication Security Questions?
- Securing of passwords in Azure AD B2C
- Azure B2C signIn policy - lack of functionality