What is the safest approach to test brute-force protections on a production login?

Problem Statement

Abuse testing can lock out users or flood logs. Use a test account, tiny volumes, and rate limits agreed in advance to avoid user impact.

SolutionRead Only

authTest: account=test_user; maxAttempts=20; rate=1/min; stopOnAlert=true

This question appears in the following practice sets: