diff --git a/Backend/Middlewares/rateLimiter.js b/Backend/Middlewares/rateLimiter.js
new file mode 100644
index 0000000..196d55e
--- /dev/null
+++ b/Backend/Middlewares/rateLimiter.js
@@ -0,0 +1,11 @@
+const rateLimit = require("express-rate-limit");
+
+const loginLimiter = rateLimit({
+  windowMs: 15 * 60 * 1000, // 15 minutes
+  max: 5, // limit each IP to 5 login requests per windowMs
+  message: "Too many login attempts. Try again in 15 minutes.",
+  standardHeaders: true,
+  legacyHeaders: false,
+});
+
+module.exports = { loginLimiter };