Re: [cas-user] Failed Login Attempts

Don't get me wrong, throttling is definitely good. The thing you want to watch out for is when unexpected attempts succeed. So one bit of strange behavior to be on the lookout for is an authentication that triggers MFA, but the MFA success never happens. It will depend on your MFA solution.

Re: [cas-user] Failed Login Attempts

Thanks for the clarification guys, Failure and rate throttling are better than nothing. I'll use them and maybe set up another script to alert me if strange behavior rolls in. On Tuesday, May 18, 2021 at 2:24:20 PM UTC-4 richard.frovarp wrote: > Adding user won't catch a spray over different

Re: [cas-user] Failed Login Attempts

Adding user won't catch a spray over different usernames. I just use rate throttling as well. And yeah, if they go down to 1 per second, you'll never catch them with the throttle. You also won't catch them if they come at you with hundreds of IPs. On Mon, 2021-05-17 at 16:40 +, Ray Bon

Re: [cas-user] Failed Login Attempts

Jeremiah, There is also throttling based on usename and IP address, https://apereo.github.io/cas/6.3.x/installation/Configuring-Authentication-Throttling.html. I have not used this, just rate throttling. Ray On Mon, 2021-05-17 at 08:32 -0700, Jeremiah Garmatter wrote: Notice: This message

[cas-user] Failed Login Attempts

Hello, I'm looking for a feature of CAS 6.3 that will allow me to lock or limit users after a few failed login attempts. I have tried the failure throttling module but find it