we are currently having a lot of our users account being lock out by UN-authorized users doing brute force attack.
To Prevent Accounts from being Lock Out, is there a way that you can a) enable the MFA request first and then B) ask users for their Username and Password. ???
any suggestion or information will be highly appreciated.