[ https://issues.apache.org/jira/browse/CONNECTORS-1596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16803005#comment-16803005 ]
Karl Wright commented on CONNECTORS-1596: ----------------------------------------- The ManifoldCF UI is not expected to be used in an open web environment, but in a back-office environment. Security protections designed to prevent remote hackers from getting into the UI using sophisticated tools are therefore not expected. Similarly, there will be no attempt to implement dual-factor authentication for the MCF admin UI. > brute-force vulnerability > ------------------------- > > Key: CONNECTORS-1596 > URL: https://issues.apache.org/jira/browse/CONNECTORS-1596 > Project: ManifoldCF > Issue Type: Improvement > Components: API > Affects Versions: ManifoldCF 2.12 > Reporter: roel goovaerts > Priority: Minor > > As a result of a pen test, it appears there is no functionality to counter > brute-force attacks for logging in. -- This message was sent by Atlassian JIRA (v7.6.3#76005)