Multiple Organization Authentications - exclude specific account

We have been pestered by “Multiple Organization Authentications” alert a lot lately.

Since July this alert has been triggered about 180 times by a single account.

The account is known shared account so it is perfectly normal to observe authentication events from this account from multiple ISPs.

Unlike most other alerts there is no option to create any exclusions.

Have anyone experienced the same issue?
Is there an obvious solution that I am missing?

Many thanks

Hello @krasimir_ivanov,

Just curious, have you contacted support regarding this issue? They can help on their side with some recommendations or fine tuning you could do, or if it’s the case, raise this up as a bug or missing feature in the UI.


Hi Felipe,

Yes I did contacted the support.

Basically we are not the only customer with this issue.
Rapid7 are working on such feature, but there is no ETA.