Genesys Cloud
Enhanced security measures for failed Genesys Cloud logins
Announced on | Effective date | Aha! idea |
---|---|---|
2024-02-07 | 2024-03-11 | - |
In a future release, Genesys Cloud will respond with ‘unauthorized’ to all failed login requests, even when the user belongs to multiple organizations and the organization name is absent. This aligns with security best practices, deterring user enumeration attempts. As a result, failed logins will undergo a minor usability change. The login failure message will no longer specify a missing organization name; instead, it will offer a generic failure message. Users will be prompted to review their email address, password, and organization name, with dialog boxes to reenter these parameters. This will apply to all login failures, whether for single or multiple organization users.