Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-15488

Limit number of login attempts until user is asked for a captcha

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 11.6-rc-1
    • Component/s: Authentication
    • Labels:
      None
    • Difficulty:
      Unknown
    • Similar issues:

      Description

      As mentioned in https://forum.xwiki.org/t/limit-number-of-login-attempts-until-user-gets-blocked/3432 it would be nice to have a feature to limit the number of failed logins in the standard xwiki authenticator. I am thinking of two properties like

      login.max.failed.attempts=3

      login.failed.timewindow=5  (minutes)

      Where a user gets blocked if he fails to login 3 times within 5 minutes.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                surli Simon Urli
                Reporter:
                mwe Matthias
              • Votes:
                1 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Date of First Response: