diff --git a/.env.example b/.env.example
index 944dba0..54773c4 100644
--- a/.env.example
+++ b/.env.example
@@ -88,3 +88,5 @@ FIREBASE_MEASUREMENT_ID=
 FIREBASE_DATABASE_URL=
+OTP_LIMITER=
+
diff --git a/src/auth/services/user-auth.service.ts b/src/auth/services/user-auth.service.ts
index 358f028..9a9c670 100644
--- a/src/auth/services/user-auth.service.ts
+++ b/src/auth/services/user-auth.service.ts
@@ -20,6 +20,7 @@ import { UserEntity } from '../../../libs/common/src/modules/user/entities/user.
 import * as argon2 from 'argon2';
 import { differenceInSeconds } from '@app/common/helper/differenceInSeconds';
 import { LessThan, MoreThan } from 'typeorm';
+import { ConfigService } from '@nestjs/config';
 @Injectable()
 export class UserAuthService {
@@ -32,6 +33,7 @@ export class UserAuthService {
 private readonly emailService: EmailService,
 private readonly userRoleRepository: UserRoleRepository,
 private readonly roleTypeRepository: RoleTypeRepository,
+ private readonly configService: ConfigService,
 ) {}
 async signUp(userSignUpDto: UserSignUpDto): Promise {
@@ -96,11 +98,9 @@ export class UserAuthService {
 data.password,
 data.regionUuid,
 );
-
 if (!user) {
 throw new UnauthorizedException('Invalid login credentials.');
 }
-
 const session = await Promise.all([
 await this.sessionRepository.update(
 { userId: user.id },
@@ -114,7 +114,6 @@ export class UserAuthService {
 isLoggedOut: false,
 }),
 ]);
-
 return await this.authService.login({
 email: user.email,
 userId: user.uuid,
@@ -142,8 +141,10 @@ export class UserAuthService {
 }
 async generateOTP(data: UserOtpDto): Promise {
- const threeDaysAgo = new Date();
- threeDaysAgo.setDate(threeDaysAgo.getDate() - 3);
+ const otpLimiter = new Date();
+ otpLimiter.setDate(
+ otpLimiter.getDate() - this.configService.get('OTP_LIMITER'),
+ );
 const userExists = await this.userRepository.exists({
 where: {
 region: data.regionUuid
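Review bot: `this.configService.get('OTP_LIMITER')` in generateOTP goes straight into date arithmetic with no parsing or validation, and `.env.example` ships the key empty. Environment values normally arrive as strings, so an empty value would coerce to 0 and an unset one to NaN, and the cutoff then stops meaning "N days ago". The `LessThan(otpLimiter)` delete and `MoreThan(otpLimiter)` count in the following hunk would work on a zero-length or invalid window, which presumably loosens the OTP request limit instead of failing closed (the code that consumes `countOfOtp` is outside the hunk). Parse and check the value once, for example `const otpWindowDays = Number(this.configService.get('OTP_LIMITER'));` followed by `if (!Number.isInteger(otpWindowDays) || otpWindowDays < 1) throw new Error('OTP_LIMITER must be a positive integer');`, and give `.env.example` a documented sample value. generateOTP's body continues outside the hunk.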
@@ -162,14 +163,14 @@ export class UserAuthService {
 await this.otpRepository.delete({
 email: data.email,
 type: data.type,
- createdAt: LessThan(threeDaysAgo),
+ createdAt: LessThan(otpLimiter),
 });
 const countOfOtp = await this.otpRepository.count({
 withDeleted: true,
 where: {
 email: data.email,
 type: data.type,
- createdAt: MoreThan(threeDaysAgo),
+ createdAt: MoreThan(otpLimiter),
 },
 });
 const lastOtp = await this.otpRepository.findOne({