diff --git a/api/controllers/console/auth/error.py b/api/controllers/console/auth/error.py
index d3e7a14506..4c102bda58 100644
--- a/api/controllers/console/auth/error.py
+++ b/api/controllers/console/auth/error.py
@@ -41,3 +41,11 @@ class EmailOrPasswordMismatchError(BaseHTTPException):
 error_code = "email_or_password_mismatch"
 description = "The email or password is mismatched."
 code = 400
+
+
+class EmailPasswordLoginLimitError(BaseHTTPException):
+ error_code = "email_code_login_limit"
+ description = (
+ "Too many incorrect password attempts. Please verify your identity with the email code to complete login."
+ )
+ code = 429
diff --git a/api/controllers/console/auth/login.py b/api/controllers/console/auth/login.py
index 9b19231f60..f574e7f998 100644
--- a/api/controllers/console/auth/login.py
+++ b/api/controllers/console/auth/login.py
@@ -11,6 +11,7 @@ from controllers.console import api
 from controllers.console.auth.error import (
 EmailCodeError,
 EmailOrPasswordMismatchError,
+ EmailPasswordLoginLimitError,
 InvalidEmailError,
 InvalidTokenError,
 )
@@ -38,7 +39,7 @@ class LoginApi(Resource):
 is_login_error_rate_limit = AccountService.is_login_error_rate_limit(args["email"])
 if is_login_error_rate_limit:
- raise EmailOrPasswordMismatchError()
+ raise EmailPasswordLoginLimitError()
 try:
 account = AccountService.authenticate(args["email"], args["password"])
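Review bot: In error.py, the new `EmailPasswordLoginLimitError` carries `error_code = "email_code_login_limit"`, which names the email-code flow while the class name and description are about the password-attempt limit. Clients, logs and alerting rules match on this string, so unless it was chosen on purpose to route the console to the email-code flow, `error_code = "email_password_login_limit"` would be consistent; if it is on purpose, a one-line comment above it should say so. The class also has no docstring; I would add `"""Raised when password login for an email is blocked after repeated failed attempts."""`.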
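Review bot: In login.py, raising `EmailPasswordLoginLimitError` ahead of `AccountService.authenticate` makes the lockout state observable to an unauthenticated caller, whereas the replaced `EmailOrPasswordMismatchError` was indistinguishable from a wrong password. The counter behind `is_login_error_rate_limit` is not visible in this hunk, but if it is only incremented for emails that belong to an account, the 429 response becomes an account-existence signal, so failed attempts for unknown emails should be counted the same way. It is also worth confirming that the counter key is a normalised address, since the check is passed the raw `args["email"]` and a differently cased spelling could otherwise start a fresh counter. I would add a comment above the raise such as `# Distinct 429 so the client can switch to email-code login; the counter must also cover unknown emails.` The enclosing method starts and ends outside the hunk.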