Hi CDC Experts,
Is it possible to create RBA (Risk Based Policy) to lock an account for a duration based on number of attempts that were made to answer security question to retrieve/reset the password.
If such a rule can be created based on this factor, can a custom action be defined on this policy to trigger a process like triggering an email or setting a custom value to user account data object to maybe save the timestamp when the user account was locked because i could not find this attribute in getAccountInfo method.
thank you!