I have implemented a change password feature and now I would like to test it. But I face the limit of attempts. What should I do to prevent this error?
Attempt limit exceeded, please try after some time
To change a Cognito user's password, use the admin-set-password command, setting the --permanent parameter. Copied! The admin-set-user-password command allows us to set a user's password as an administrator. We can set the user's password to a temporary or permanent one.
To allow all IAM users change their own passwordsSign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/ . In the navigation pane, click Account settings. In the Password policy section, choose Change password policy if your account uses the default password policy.
It is not possible to get a user password from AWS Cognito. Cognito just lets the user reset his password but it has got no API call to perform password retrieval and it's not meant to do that for security reasons.
It doesn't look like expiration is built into the password policy. You could track password expiration by adding a passwordUpdatedAt field and manually updating that attribute on user sign up and on changePassword .
I am on the Cognito team. This is not configurable. We do have protection mechanisms to prevent users from abusing forgot password APIs which is probably what you are witnessing.
this is not the exact answer e.g. attempts limit is not configurable for sure. but still, if you want to test multiple times, you can try different emails e.g. if attempts limits exceed for your Email1, you can start attempting with Email2. Also, note that you can receive the emails for Email1 and Email2 on a single email address e.g suppose your Email1= [email protected] you can register your Email2 [email protected] This way you can receive emails on [email protected] for both Email1 and Email2
Cognito allows 5 password reset
/sign-in
attempts.
After the allowed number is exceeded the service starts temporary lockouts with exponentially increasing times. Here you can find more details on how it happens: https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-authentication-flow.html
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With