Automatically Disable Inactive Users After X Days #37758
mihirvadalia
started this conversation in
Ideas
Replies: 2 comments
-
|
+1 - this is required for multiple highly-regulated-industry compliance frameworks - in particular, all those that source requirements from NIST 800-53 control AC-2(3). I would literally use this capability tomorrow, if I could. |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
As far as I understand this, this is already possible with the new Workflows feature: https://www.keycloak.org/docs/26.5.3/server_admin/index.html#tracking-user-activity-and-taking-actions-on-inactivity. With the current version |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Starting this thread to discuss a feature to automatically disable users who have been inactive for the last X days. This can help mitigate potential security risks by preventing attacks on dormant user accounts.
Proposed Implementation:
This feature would help reduce brute-force attempts on inactive user accounts and enhance overall security.
Let us know your thoughts on this.
Beta Was this translation helpful? Give feedback.
All reactions