Project

General

Profile

Actions

Feature #4238

closed

Protection from Brute Force Password Attacks

Added by Bryan Kearney almost 11 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Security
Target version:
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

The login screen should protect the users from a brute force password attack. This can handled by approaches such as:

1) Locking an account out after X many failed attempts.
2) Supporting an escalated delay between logins (first failed login delay 5 seconds, second 10, third 20, etc)


Related issues 1 (0 open1 closed)

Related to Foreman - Refactor #22778: Allow admin to opt-out from the Brute-force attack protectionClosedMarek HulánActions
Actions

Also available in: Atom PDF