throttling login attempts


Recommended Posts

Tell me if I got this right because I am a little confused...

There are 2 cases when throttling must be applied to a form... when an attacker performs an attack (dictionary attack, brute force, etc.) on a single account.

In the above case throttling must be activated for this specific account

AND when there is a distributed brute force attack, in which case throttling must be activated for ALL of the accounts.

Am I correct?


I have been playing with something like that. I am thinking that IP addresses and usernames can be added to a timeout table. Each session can also have an "ignore" flag. Each new session gets looked up to see if the username or IP address is in the timeout table. If it is found in the table then the "ignore" flag is set.

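Both cases from the thread, the per-account (and per-IP, as the reply suggests) throttle for a single-target attack and the site-wide throttle once failures spread across many accounts, as an added Python example that is not code from either poster; the class name, thresholds and window sizes are assumptions.

```python
from collections import defaultdict, deque


class LoginThrottle:
    """Failed-login throttle keyed per account, per source IP, and globally.

    Per-account and per-IP limits cover a single-target attack; the global
    lockout covers a distributed attack that spreads a few guesses over many
    accounts so no single account trips its own limit. All thresholds and
    window sizes below are illustrative assumptions.
    """

    def __init__(self, window=300, account_limit=5, ip_limit=20,
                 distinct_accounts_limit=50, lockout=900):
        self.window = window                  # seconds of failure history kept
        self.account_limit = account_limit    # failures per account in window
        self.ip_limit = ip_limit              # failures per source IP in window
        self.distinct_accounts_limit = distinct_accounts_limit
        self.lockout = lockout                # global lockout length in seconds
        self.failures_by_account = defaultdict(deque)  # account -> timestamps
        self.failures_by_ip = defaultdict(deque)       # ip -> timestamps
        self.global_lockout_until = 0.0

    def _prune(self, q, now):
        # Drop failure timestamps that have aged out of the window.
        while q and q[0] <= now - self.window:
            q.popleft()

    def _accounts_under_attack(self, now):
        for q in self.failures_by_account.values():
            self._prune(q, now)
        return sum(1 for q in self.failures_by_account.values() if q)

    def allowed(self, account, ip, now):
        """Return (ok, reason); reason names the throttle that rejected it."""
        if now < self.global_lockout_until:
            return False, "global"
        acc, src = self.failures_by_account[account], self.failures_by_ip[ip]
        self._prune(acc, now)
        self._prune(src, now)
        if len(acc) >= self.account_limit:
            return False, "account"
        if len(src) >= self.ip_limit:
            return False, "ip"
        return True, None

    def record_failure(self, account, ip, now):
        self.failures_by_account[account].append(now)
        self.failures_by_ip[ip].append(now)
        # Failures spread over many distinct accounts signal a distributed
        # attack: throttle every account, not just the ones already hit.
        if self._accounts_under_attack(now) >= self.distinct_accounts_limit:
            self.global_lockout_until = now + self.lockout

    def record_success(self, account):
        # A real login clears that account's counter; IP history is kept.
        self.failures_by_account.pop(account, None)
```

The `reason` value is for server-side logging; the response sent to the client should be the same generic error (or delay) whichever throttle fired, so it reveals neither the throttle state nor whether the account exists.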
