How to Limit Login Attempts in Laravel

Published on June 28, 2020 31 sec read

We're available to do freelance project. Take a look at our services!

In this article, I’m going to show how to set limit login attempts. If user tries to log in more than 5 times per minute, they will get an error message. We’re able to customize the limit and block time. I’m testing on Laravel 7.17.2.

Table of Contents

  1. Set Limit
  2. Change Error Text

Set Limit

Open app/Http/Controllers/Auth/LoginController.php file and add these 2 properties:

class LoginController extends Controller
    protected $maxAttempts = 3; // default is 5
    protected $decayMinutes = 2; // default is 1
    // ...

Now if we enter 3 times wrong email or password in a row, we’ll see a warning message like:

Change Error Text

We can change the error message easily. Open resources/lang/en/auth.php file and write your messages here:

return [
    'failed' => 'These credentials do not match our records.',
    'throttle' => 'Too many login attempts. Please try again in :seconds seconds.',
That’s it. Thanks for reading. 🙂


Hey, I'm Md Obydullah. I build open-source projects and write on Laravel, Linux server, modern JavaScript and more on web development.


Leave a Reply

Your email address will not be published. Required fields are marked *