Forum Discussion
Impossible travel alerts on failed logins
Just to make sure I'm properly tracking your question, you want to be able to filter not just for impossible travel events but also only when those impossible travel events lead to a successful logon? Is that correct?
- Tim SettarJul 17, 2019Copper Contributor
Correct.
Ultimately I am trying to find a way to automate some of the user alerts to email them suspicious activity and give them the option to go change their password. The alerts need to be digestible and understood by them though. If they are traveling and access email on their phone and then get into RDS or VPN.. boom! impossible travel. The Impossible Travel alerts description also includes all those failed login locations.
For accounts that we know have been compromised based on some criteria, I see an automated flow that logs them out of all apps, resets their password and then text them that password to their MFA phone number. I know I'm dreaming but one day we will get there.
Thanks for taking the time to get back to me!
- jvaidyaMay 13, 2020Copper Contributor
We have been experiencing the same issue with impossible travel alert, I wonder if you managed to find out a solution for this issue which you can share with the community.
Many thanks in advance,
- Tim SettarMay 13, 2020Copper Contributor
jvaidya No, I never did. Our new security team has taken over management so I'm no longer working on it.