Currently, we have a policy to lock the user account after n number of failed login attempts...
Can we expand this to support following scenarios... 1. Lock the account - and unlock it after n number of munites 2. Present a captcha after n number of failed login attempts 3. Slow down the login response after each failed login attempt (increasingly) -- Thanks & Regards, Prabath Twitter : @prabath LinkedIn : http://www.linkedin.com/in/prabathsiriwardena Mobile : +1 650 625 7950 http://blog.facilelogin.com http://blog.api-security.org
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
