On Fri, May 6, 2016 at 12:09 AM, Prabath Siriwardana <[email protected]> wrote:
> Currently, we have a policy to lock the user account after n number of > failed login attempts... > > Can we expand this to support following scenarios... > > 1. Lock the account - and unlock it after n number of munites > This is already available. > 2. Present a captcha after n number of failed login attempts > This can be done. > 3. Slow down the login response after each failed login attempt > (increasingly) > Will have to read up more on this feature. Regards, Johann. > > > -- > Thanks & Regards, > Prabath > > Twitter : @prabath > LinkedIn : http://www.linkedin.com/in/prabathsiriwardena > > Mobile : +1 650 625 7950 > > http://blog.facilelogin.com > http://blog.api-security.org > -- Thanks & Regards, *Johann Dilantha Nallathamby* Technical Lead & Product Lead of WSO2 Identity Server Governance Technologies Team WSO2, Inc. lean.enterprise.middleware Mobile - *+94777776950* Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>*
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
