All use-cases

Use-case — User & Access

Layered-defense login

Every login runs IP rate-limit → lockout → credentials → device check, all audited.

Four automatic gates, one linear spine.

Every credential submission passes through a rate-limit check, a lockout check, a credentials and MFA check, and a device-fingerprint check before a session is granted. Each failed gate branches off the spine; the happy path stays straight down.

Mail = email sent Bell = in-app alert Amber diamond = automatic check
Submit credentials email + password IP rate-limit 5 req / 60 s pass Account locked? no Credentials + MFA valid? yes New device? fingerprint check no Session granted login event audited limit hit 429 Too Many Requests back-off required yes Account locked lockout-warning email no Fail — increment lockout progressive back-off yes New-device alert email + in-app alert
app/login
Live demo

recording from the demo site — coming soon

Every login clears four automatic gates. IP rate-limit blocks flooding, lockout stops brute-force, credentials + MFA verify identity, and a device fingerprint flags unfamiliar sessions — each failure branches off the spine with its own outcome, all events written to the audit log.