Hi All How should these failed login attempts be captured via audit logs
regards, Shavantha Weerasinghe Senior Software Engineer QA WSO2, Inc. lean.enterprise.middleware. http://wso2.com http://wso2.org Tel : 94 11 214 5345 Fax :94 11 2145300 On Fri, May 6, 2016 at 8:04 AM, Johann Nallathamby <[email protected]> wrote: > > > On Fri, May 6, 2016 at 12:09 AM, Prabath Siriwardana <[email protected]> > wrote: > >> Currently, we have a policy to lock the user account after n number of >> failed login attempts... >> >> Can we expand this to support following scenarios... >> >> 1. Lock the account - and unlock it after n number of munites >> > > This is already available. > > >> 2. Present a captcha after n number of failed login attempts >> > > This can be done. > > >> 3. Slow down the login response after each failed login attempt >> (increasingly) >> > > Will have to read up more on this feature. > > Regards, > Johann. > > >> >> >> -- >> Thanks & Regards, >> Prabath >> >> Twitter : @prabath >> LinkedIn : http://www.linkedin.com/in/prabathsiriwardena >> >> Mobile : +1 650 625 7950 >> >> http://blog.facilelogin.com >> http://blog.api-security.org >> > > > > -- > Thanks & Regards, > > *Johann Dilantha Nallathamby* > Technical Lead & Product Lead of WSO2 Identity Server > Governance Technologies Team > WSO2, Inc. > lean.enterprise.middleware > > Mobile - *+94777776950* > Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > >
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
