diff --git a/app/auth/views/mfa.py b/app/auth/views/mfa.py
index 949a2831..9af158ab 100644
--- a/app/auth/views/mfa.py
+++ b/app/auth/views/mfa.py
@@ -97,8 +97,14 @@ def mfa():
ALERT_INVALID_TOTP_LOGIN,
user.email,
"There was an unsuccessful login on your SimpleLogin account",
- render("transactional/invalid-totp-login.txt"),
- render("transactional/invalid-totp-login.html"),
+ render(
+ "transactional/invalid-totp-login.txt",
+ type="TOTP",
+ ),
+ render(
+ "transactional/invalid-totp-login.html",
+ type="TOTP",
+ ),
1,
)
flash("Incorrect token", "warning")
diff --git a/app/auth/views/recovery.py b/app/auth/views/recovery.py
index 3d2a4249..d72672fe 100644
--- a/app/auth/views/recovery.py
+++ b/app/auth/views/recovery.py
@@ -5,8 +5,9 @@ from flask_wtf import FlaskForm
from wtforms import StringField, validators
from app.auth.base import auth_bp
-from app.config import MFA_USER_ID
+from app.config import MFA_USER_ID, ALERT_INVALID_TOTP_LOGIN
from app.db import Session
+from app.email_utils import send_email_with_rate_control, render
from app.extensions import limiter
from app.log import LOG
from app.models import User, RecoveryCode
@@ -67,6 +68,21 @@ def recovery_route():
else:
# Trigger rate limiter
g.deduct_limit = True
+ send_email_with_rate_control(
+ user,
+ ALERT_INVALID_TOTP_LOGIN,
+ user.email,
+ "There was an unsuccessful login on your SimpleLogin account",
+ render(
+ "transactional/invalid-totp-login.txt",
+ type="recovery",
+ ),
+ render(
+ "transactional/invalid-totp-login.html",
+ type="recovery",
+ ),
+ 1,
+ )
flash("Incorrect code", "error")
return render_template("auth/recovery.html", recovery_form=recovery_form)
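Review bot: The new recovery-code alert in the `else` branch reuses `ALERT_INVALID_TOTP_LOGIN` with a limit of `1`, the same key and limit as the TOTP alert in app/auth/views/mfa.py. The implementation of `send_email_with_rate_control` is not visible here, but if it counts per user and alert type, a failed TOTP attempt shortly beforehand would use up the budget and the recovery-code notification would be silently dropped. Since recovery codes bypass TOTP, consider a dedicated constant in app.config (for example a new `ALERT_INVALID_RECOVERY_CODE_LOGIN`) so the two alerts are throttled independently. A short comment above the call would also help, e.g. `# Password was already correct at this point, so notify the account owner of the failed recovery code`. `recovery_route` starts outside this hunk, so the surrounding control flow could not be checked.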
diff --git a/templates/emails/transactional/invalid-totp-login.html b/templates/emails/transactional/invalid-totp-login.html
index bc950c88..b8af0d34 100644
--- a/templates/emails/transactional/invalid-totp-login.html
+++ b/templates/emails/transactional/invalid-totp-login.html
@@ -2,7 +2,7 @@
{% block content %}
{{ render_text("There has been an unsuccessful login attempt on your SimpleLogin account.") }}
- {{ render_text("An invalid TOTP code was provided but the email and password were provided correctly.") }}
+ {{ render_text("An invalid " ~ type ~ " code was provided but the email and password were provided correctly.") }}
{{ render_text("This request was blocked. However, if this was not you, please change your password immediately.") }}
{{ render_button("Change your password", URL ~ "/dashboard/setting#change_password") }}
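Review bot: `type` is interpolated with no fallback, so a render of this template that omits it would, under Jinja's default undefined handling, produce "An invalid  code was provided". Using `(type | default("TOTP"))` in the `render_text` line keeps the previous wording for such callers, and the same applies to `{{type}}` in invalid-totp-login.txt, which could become `{{ type | default("TOTP") }}`. Both callers in this diff pass a hard-coded literal, so nothing untrusted reaches the email body. A template comment such as `{# type: fixed label chosen by the view ("TOTP" or "recovery"), never request data #}` would record that expectation.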
diff --git a/templates/emails/transactional/invalid-totp-login.txt b/templates/emails/transactional/invalid-totp-login.txt
index 314f9c51..78bbe810 100644
--- a/templates/emails/transactional/invalid-totp-login.txt
+++ b/templates/emails/transactional/invalid-totp-login.txt
@@ -1,5 +1,5 @@
There has been an unsuccessful login attempt on your SimpleLogin account.
-An invalid TOTP code was provided but the email and password were provided correctly.
+An invalid {{type}} code was provided but the email and password were provided correctly.
This request was blocked. However, if this was not you, please change your password immediately.
{{URL}}/dashboard/setting#change_password