Login Troubleshooting
"Too many attempts. Please try again later."
Each authentication endpoint has its own rate-limit bucket (per IP):
| Endpoint | Limit |
|---|---|
| Login | 10 attempts / 15 min |
| Password reset | 10 attempts / 15 min |
| Forgot password | 3 attempts / hour |
| Register | 5 attempts / hour |
| Change password | 5 attempts / 15 min |
The HTTP response includes a Retry-After header indicating the wait in seconds.
"Invalid email or password"
- Email is case-insensitive
- Password policy (DKICT KS-03): minimum 12 characters including uppercase, lowercase, digit, and special character
- Check your password manager for autofill mismatches
Forgot Password
Click Forgot Password on the login page. A single-use reset link is emailed via Resend. The link expires quickly. After resetting, you can log in immediately.
Account Locked / 2FA Lost
Contact your organisation admin to reset lockout or disable 2FA via a support ticket.