Comment 1 for bug 1347907
Revision history for this message
| Michael Terry (mterry) wrote Re: create a delay for password failure attempts | #1 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
73416ba
(Get the code!)
I've added an ubuntu-ux task, because I'd like guidance for how this is presented to the user.
My thinking from a technical POV is that we can use a PAM module (pam_tally2) to record failed logins. The timing is configurable with it, but the default behavior is to just silently fail. That is, once the user fails to log in, say 5 times, then further logins for, say an hour, will fail (even if the right password is used). Is that how we'd like it work?
But we probably want some message to be shown to the user. Right now we don't show any text at all on incorrect entries. We just jiggle the password box.