How to test the risk based authentication journey using autonomous nodes for brute force or credential stuffing?


We have built the risk based authentication referring to this link Use case: Configure protection against credential stuffing and brute force attacks in ForgeRock Identity Cloud using autonomous signal, access nodes. However could someone give more inputs as to how we can test the different signals. For Eg? If i have to test the brute force attack and i try to login a user using invalid credentials for a number of times (frequent authentication attempts), the autonomous access node still takes the risk “low” path and prompts for MFA, so when does this node signal it as a high risk and follow that journey path?.

Thanks and Regards

1 Like