diff --git a/routes/auth.py b/routes/auth.py
index 0d18349..5fc2554 100644
--- a/routes/auth.py
+++ b/routes/auth.py
@@ -101,7 +101,7 @@ async def check_rate_limit(
 )
 failed_attempts = result.scalars().all()
- if len(failed_attempts) >= 5:
+ if len(failed_attempts) >= 15:
 return False, "Trop de tentatives échouées. Réessayez dans 15 minutes."
 return True, ""
@@ -286,7 +286,7 @@ async def login(
 if user:
 user.failed_login_attempts += 1
- if user.failed_login_attempts >= 5:
+ if user.failed_login_attempts >= 15:
 user.locked_until = datetime.now() + timedelta(minutes=15)
 await session.commit()
 raise HTTPException(
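Review bot: The new limit `15` is a bare literal in check_rate_limit and again in the login hunk (`user.failed_login_attempts >= 15`), so the two checks can drift apart the next time one of them is tuned. Define it once, for example `MAX_FAILED_LOGIN_ATTEMPTS = 15`, and compare against that name in both places. Tripling the allowed failures also loosens the bound on online password guessing per account, and nothing in the diff records why. A comment beside the constant giving the reason and the window it applies to would let a reviewer judge the trade-off; the message says 15 minutes, but the query that selects `failed_attempts` is outside the hunk.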
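Review bot: The lockout at `if user.failed_login_attempts >= 15:` depends on `user.failed_login_attempts += 1`, which is a read-modify-write on the loaded object. If the row is not locked when it is fetched (the fetch is outside the hunk, so this is inferred), concurrent failed logins can read the same value and the counter undercounts. The lock would then engage later than the configured threshold, which matters more now that the threshold is higher. Consider doing the increment in the database (an UPDATE that sets the column to itself plus one) or selecting the row for update before incrementing. login's body starts and ends outside this hunk.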