User enumeration prevention – best practices
Okta's General Security offers two options in its User enumeration prevention section:
Recovery
Authentication
User enumeration prevention helps prevent attackers from discovering valid user accounts by trying various combinations of usernames. By default, this setting and both of its options (Recovery and Authentication) are disabled.
Recovery and Authentication
Leave the Okta default in place: the User enumeration prevention setting and both of its options stay disabled.
If you are considering enabling this setting or either of its options, please create a consulting request for guidance, as the impact of this setting on security and the user experience is highly environment-dependent.