
Adaptive allowance of failed attempts

Open codeling opened this issue 11 years ago • 2 comments

As elaborated a bit in this comment, one or more policies determining an adaptive number of allowed failed attempts might be useful against distributed brute force attacks.

codeling avatar Mar 19 '14 22:03 codeling

Current ideas for adapting the allowed number of failed logins include:

  • if IP is whitelisted for given user (whitelisted -> allow more attempts, see also https://github.com/codeling/bfstop/issues/24#issuecomment-66806939)
  • if geolocation of IP is close to that of the IP of the server (farther away -> allow fewer attempts)
  • if a common user name (e.g. 'admin') is used (common user name is used -> allow fewer attempts)
  • current overall amount of failed logins (e.g. in the last hour) (if more overall failed logins -> reduce number of attempts before blocking)
  • if IP does not resolve to a proper host name via nslookup, allow fewer attempts (#103)

codeling avatar Feb 11 '15 00:02 codeling
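The five policies from the comment above combined into one adaptive threshold, as an added illustration that is not part of the bfstop code base. The base allowance of 5, the per-policy adjustments, the distance and failure-rate cutoffs and the list of common user names are assumed values; a real plugin would make them configurable.

```python
from dataclasses import dataclass

# Assumed tunables (not bfstop settings): base allowance before any policy applies,
# and the floor so a login is never blocked on its first failure.
BASE_ALLOWED = 5
MIN_ALLOWED = 1
COMMON_USERNAMES = {"admin", "administrator", "root", "test"}  # constructed sample list


@dataclass
class LoginContext:
    username: str
    ip_whitelisted_for_user: bool  # client IP is on this user's whitelist
    distance_km: float             # geo distance between client IP and server IP
    recent_global_failures: int    # failed logins site-wide in the last hour
    has_reverse_dns: bool          # client IP resolves to a proper host name


def allowed_attempts(ctx: LoginContext) -> int:
    """How many failed attempts this login may accumulate before it is blocked."""
    allowed = BASE_ALLOWED
    if ctx.ip_whitelisted_for_user:
        allowed += 5   # trusted source for this user: be more lenient
    if ctx.distance_km > 2000:
        allowed -= 2   # far from the server: be stricter
    if ctx.username.lower() in COMMON_USERNAMES:
        allowed -= 2   # generic names are the usual brute-force targets
    if ctx.recent_global_failures > 100:
        allowed -= 2   # site is under broad attack: tighten for everyone
    if not ctx.has_reverse_dns:
        allowed -= 1   # no proper host name behind the IP
    return max(MIN_ALLOWED, allowed)


def should_block(failed_count: int, ctx: LoginContext) -> bool:
    """True once the recorded failures for this login reach its adaptive allowance."""
    return failed_count >= allowed_attempts(ctx)


if __name__ == "__main__":
    # Constructed sample logins: a trusted user from a whitelisted IP versus
    # 'admin' from a distant, unresolvable IP while the site sees many failures.
    trusted = LoginContext("alice", True, 50.0, 3, True)
    hostile = LoginContext("admin", False, 8000.0, 250, False)
    print(allowed_attempts(trusted), allowed_attempts(hostile))  # 10 1
```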

This would more or less follow similar ideas as Risk-Based Authentication (RBA).

codeling avatar Nov 03 '21 10:11 codeling