Lock account after X failed login attempts and send email
Bug #360657 reported by
Daniel Hahler
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
b2evolution |
Triaged
|
Wishlist
|
Unassigned |
Bug Description
There's a login_protect plugin that I've once written, which tries to limit the number of login attempts (brute force attack).
I don't know what it does exactly (IIRC it displays a captcha after X failed attempts).
I'd like to enhance this so that the account gets locked after X failed attempts (in a certain time span) and an email to unlock the account gets sent to the user.
I've just seen this with Bugzilla (at mozilla.org).
Changed in b2evolution: | |
importance: | Undecided → Wishlist |
Changed in b2evolution: | |
status: | New → Triaged |
To post a comment you must log in.
lock account