Binny Gopinath Sreevas created FINERACT-136:
-----------------------------------------------
Summary: Security improvements on authentication/passwords
Key: FINERACT-136
URL: https://issues.apache.org/jira/browse/FINERACT-136
Project: Apache Fineract
Issue Type: Improvement
Reporter: Binny Gopinath Sreevas
Assignee: Markus Geiss
Make improvements to keep track of authentication attempts and security by
doing the following:
a) Logging user logins - whenever any user tries to login (success or failure)
below logs should be stored in the database:
username/userid
user agent (Browser, OS, device)
IP address
Date/Time
login success or failure
b) Facility to preventing brute force attacking - system should block the user
after n unsuccessful attempts in a day for m number of days, (n,m are
configurable)
c) Configure passwords to expire - for example: after 2 months - Should be
possible to set non-expiring passwords as a policy for the organization.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
