How to edit the limit of attempts to change a password in AWS Cognito?

I am on the Cognito team. This is not configurable. We do have protection mechanisms to prevent users from abusing forgot password APIs which is probably what you are witnessing.


Cognito allows 5 password reset/sign-in attempts.

After the allowed number is exceeded the service starts temporary lockouts with exponentially increasing times. Here you can find more details on how it happens: https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-authentication-flow.html


this is not the exact answer e.g. attempts limit is not configurable for sure. but still, if you want to test multiple times, you can try different emails e.g. if attempts limits exceed for your Email1, you can start attempting with Email2. Also, note that you can receive the emails for Email1 and Email2 on a single email address e.g suppose your Email1= [email protected] you can register your Email2 [email protected] This way you can receive emails on [email protected] for both Email1 and Email2