## Impossible travel

Impossible travel refers to a situation where a user's actions suggest they have accessed a particular system or resource from two different geographic locations within an impossibly short amount of time.

For example, if a user logs into their account from New York and then, within a few minutes, appears to log in from London, it would be considered impossible travel. This kind of activity often indicates a security breach or a compromised account, as it would be physically impossible to travel between those locations in such a short time.

Prerequisites
There are no prerequisites for detecting impossible travel.

### Configure impossible travel

#### In the Frontegg portal

You can choose from the following actions when a user performs impossible travel:

- **Allow** - Let the user continue to the app.
- **Challenge** - Challenge the user with MFA. If they pass, they continue to the app.
- **Block** - Block the login attempt.


![impossible-travel-1](/assets/impossible-travel-1.749439b91dbf257ca0b594dfa645d6d4ab711fa8b0e6ed61bc29887172628323.36f325d1.png)

### How the end user experiences impossible travel on login

- **Allow** - The user is allowed to continue to the app.
- **Challenge** - The user will get an MFA challenge. If they pass, they continue to the app. If they fail, their login gets blocked.
- **Block** - The user will receive a failed login message.


### Notify end users of impossible travel

You can choose to notify users of possible impossible travel attempts by checking the relevant checkbox.

![impossible-travel-2](/assets/impossible-travel-2.edf6925cd8e0ca866f4b59f9699e37854bf9d82a8a2995aa79b3d00673616909.36f325d1.png)

### Analyzing impossible travel in your app

#### Security events

If you’re curious how many times impossible travel events happen in your app, you can view them over time in [Security Events](/ciam/guides/security-center/overview) to see when and where they occurred.