Lock accounts after X unsuccessful tries
Bug #1613276 reported by
Paul Everitt
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
KARL4 |
Fix Released
|
Medium
|
Carlos de la Guardia |
Bug Description
"time lockout after 8 unsuccessful tries"
- At 8, password reset with a special notice indicating failures
- Configurable value for the limit on tries
- Show them how many tries they have left
- Send an email at some point in the failures to let them know there were problems, perhaps at 6 out of 8
Changed in karl4: | |
milestone: | 022 → 023 |
Changed in karl4: | |
milestone: | 023 → 024 |
Changed in karl4: | |
status: | New → Fix Committed |
Changed in karl4: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
I got a bug report from an OSF user that got locked out due to password attempts. It appears that some of this made it into production.
What step should I take from the debug console to clear that user's password attempts counter?
Also, what is needed to either disable this, or finish it?