John Ruhiu created FINERACT-2004: ------------------------------------ Summary: Limit login re-tries Key: FINERACT-2004 URL: https://issues.apache.org/jira/browse/FINERACT-2004 Project: Apache Fineract Issue Type: New Feature Reporter: John Ruhiu Fix For: 1.9.0
Limit the number of login attempts to N times where N is a configurable value under system/configurations. To do: # Add ability to set maximum login retries as a global configuration # Check maximum login times and lock account if exceeded Notes: * The global configuration should allow user to turn it on/off * The global configuration should allow user to set maximum retries value * Failed logins will set the failed login attempts value and increase it by 1 until max retries have been reached as set in the global configuration * Successful login resets the failed login attempts to zero. For example, a user has tried and failed to login 2 times but succeeds on the third. On this third attempt, the failed login value is set to zero. * Add this to permissions list to allow granting the same to qualified roles * Add tests to allow test automation * Add documentation to allow autogeneration by swagger docs -- This message was sent by Atlassian Jira (v8.20.10#820010)