[
https://issues.apache.org/jira/browse/FINERACT-136?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Awasum Yannick reassigned FINERACT-136:
---------------------------------------
Assignee: (was: Markus Geiss)
> Security improvements on authentication/passwords
> -------------------------------------------------
>
> Key: FINERACT-136
> URL: https://issues.apache.org/jira/browse/FINERACT-136
> Project: Apache Fineract
> Issue Type: Improvement
> Reporter: Binny Gopinath Sreevas
> Priority: Major
>
> Make improvements to keep track of authentication attempts and security by
> doing the following:
> a) Logging user logins - whenever any user tries to login (success or
> failure) below logs should be stored in the database:
> username/userid
> user agent (Browser, OS, device)
> IP address
> Date/Time
> login success or failure
> b) Facility to preventing brute force attacking - system should block the
> user after n unsuccessful attempts in a day for m number of days, (n,m are
> configurable)
> c) Configure passwords to expire - for example: after 2 months - Should be
> possible to set non-expiring passwords as a policy for the organization.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
