Limit the Number of Login Attempts #29

New Issue

delvh · 2020-09-18T18:22:19+02:00

delvh commented

2020-09-18 18:22:19 +02:00

Currently, an attacker might just brute-force his way into a user's password by sending thousands of login attempts. To punish this kind of behavior, we might do one of two attempts:
Either a user has a maximum number of login attempts in for example 10 seconds,
or the time until the server responds gradually/ exponentially increases with each failed attempt.

Currently, an attacker might just brute-force his way into a user's password by sending thousands of login attempts. To punish this kind of behavior, we might do one of two attempts: Either a user has a maximum number of login attempts in for example 10 seconds, or the time until the server responds gradually/ exponentially increases with each failed attempt.

delvh added this to the v0.2-beta milestone 2020-09-18 18:22:19 +02:00

delvh added the

server

label 2020-09-18 18:22:19 +02:00

delvh added the

M

label 2020-09-19 13:12:10 +02:00

kske changed title from ~~Limiting the number of login attempts~~ to Limit the number of login attempts

2020-09-19 14:37:40 +02:00

delvh modified the milestone from v0.2-beta to v0.3-beta

2020-09-22 17:21:27 +02:00

kske added a new dependency 2020-09-29 08:53:30 +02:00

#66 Integrate zdm/nio-server

kske changed title from ~~Limit the number of login attempts~~ to Limit the Number of Login Attempts

2020-09-29 09:19:57 +02:00

This repo is archived. You cannot comment on issues.

1 Participants

Due Date

No due date set.

Depends on

#66 Integrate zdm/nio-server

zdm/envoy

Reference: zdm/envoy#29