Skip to main content

Limiting OTP retries

You can change how many times a user can attempt to enter an OTP before they have to enter their email / phone number again (thereby force generating a new OTP). By default, this is set to 5 attempts, and can be modified by changing the passwordless_max_code_input_attempts core config:

docker run \  -p 3567:3567 \  -e PASSWORDLESS_MAX_CODE_INPUT_ATTEMPTS=3 \  -d registry.supertokens.io/supertokens/supertokens-<db name>