Enhanced security measures for failed Genesys Cloud logins
| Announced on | Effective date | Release Note |
|---|---|---|
| February 7, 2024 | March 11, 2024 | March 11, 2024 |
In a future release, Genesys Cloud will respond with ‘unauthorized’ to all failed login requests, even when the user belongs to multiple organizations and the organization name is absent. This aligns with security best practices, deterring user enumeration attempts. As a result, failed logins will undergo a minor usability change. The login failure message will no longer specify a missing organization name; instead, it will offer a generic failure message. Users will be prompted to review their email address, password, and organization name, with dialog boxes to reenter these parameters. This will apply to all login failures, whether for single or multiple organization users.
