The article clarifies whether the maximum number of incorrect passwordless codes an end user can enter can be modified, and provides the associated error messages. When an email passwordless user enters an incorrect code three or more times, they are prevented from signing in. The system displays a misleading error message to the user.

The error message returned after the maximum number of attempts is reached is:

You've reached the maximum number of attempts. Please try to login again.

The error message returned before the maximum is reached is:

Wrong email or verification code.

• Email Passwordless connection

• Classic Universal Login (UL) with LockPasswordless template

• User enters the passwordless code incorrectly three or more times

The maximum of three attempts to input the passwordless code is a hardcoded value. The end user needs to attempt to sign in again to access the application.

To resolve the login failure, the user must initiate a new authentication transaction. Requesting a new passwordless code without starting a new sign-in attempt will not clear the maximum attempts counter.

Review the tenant logs to confirm the behavior and troubleshoot the issue.

1. Ask the user for the email address they used when the issue occurred.

2. Review the tenant logs related to the user.

3. Reproduce the issue in a test tenant to confirm the behavior.

NOTE: If a system file was deleted, the problem occurred because of that deletion.