From time to time you may find that an account has been banned by the system - you will have received an email to say what has happened - and you will need to re-enable the account before it can be used again.
You are the best person to decide whether or not the account should be re-enabled once you make an assessment of whether the account holder was complicit in whatever actions got the account banned, or was just careless with their password.
If you determine that the user was complicit, you should not immediately delete the account as you will need that for any further investigation that may come up - i.e. publishers may be in touch about other things that have happened involving that account.
There are three ways:
Accounts that are blocked due to rules you have put in place on a local connection cannot be re-enabled this way. You would need to adjust the rule that blocked them, or change the account property that is triggering the rule in your local directory.
When we detect activity that is consistent with misuse our systems will automatically suspend the account, display a message to that effect and email the account holder and their administrator.
Example: an account signs in from Australia, then 20 minutes later signs in again from India, and then an hour after that from Argentina. This is certainly not going to be the account holder going to those three countries so quickly, so the account is suspended.
Whilst the specific activity described above will definitely get an account banned, the actual thresholds and activities we monitor are not discussed.
This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com