I have a customer community which uses a custom lightning login page. We have our own email templates for resetting a password which has all been taken care of. Now, Salesforce has a reset password policy which states:
"A user can request to reset a password through the forgot password link a maximum of five times in a 24-hour period."
Currently, if our users reset more than 5 times in 24 hours, they receive an email from Salesforce which we want to avoid as the customers don't need to know anything or receive anything from Salesforce. Now, there is a field on the User object called "Last Password Change or Reset" which is a Date/Time field which could be used in a way to ensure that a user can only reset their password every 4-5 hours but as a customer I might reset my password and then immediately forget it (hey, it does happen!) but if they have to wait 4 hours just to reset it again, that's not a pleasant experience.
So, with all of that being said, the big question – is there a way to retrieve the number of reset password attempts a user has performed within 24 hours? Obviously, Salesforce can keep track of it, but how can we access that? For instance, if the user has reset their password 5 times and they attempt to do it a 6th time within 24 hours, we can retrieve that number (which would be 5) and just display an error message, stop the reset attempt and in turn prevent the user from receiving an email from Salesforce.
In summary,
The problem: Prevent customers from receiving a maximum reset password attempts email from Salesforce. This will happen when a user tries to reset their password for the 6th time within a 24 hour period.
The question: Is there a way to retrieve the number of reset password attempts a user has performed within 24 hours?
Thanks,
Best Answer
Unfortunately Salesforce does not give you any way to retrieve this from the system. The best way to address the need you've outlined is to use a third party identity provider that does provide such granular access and enable Single Sign On.
https://developer.salesforce.com/docs/atlas.en-us.securityImplGuide.meta/securityImplGuide/sso_about.htm