[jira] [Created] (FINERACT-136) Security improvements on authentication/passwords

2016-04-07 Thread Binny Gopinath Sreevas (JIRA)
Binny Gopinath Sreevas created FINERACT-136: --- Summary: Security improvements on authentication/passwords Key: FINERACT-136 URL: https://issues.apache.org/jira/browse/FINERACT-136 Project: Apa

Re: [jira] [Created] (FINERACT-136) Security improvements on authentication/passwords

2016-04-07 Thread Javier David
Hi! I apologize in advance for invading this thread, especially since I've contributed no source code at all. I would like to recommend that, if we improve this, a few additional tricks can also help in preventing brute force: 1) increasing delay between "login failed" responses to successive attem

Re: [jira] [Created] (FINERACT-136) Security improvements on authentication/passwords

2016-04-11 Thread Binny Gopinath Sreevas
Hi Javier, Sorry for delayed response. Point 2 will be implemented by point b) in the JIRA, correct? Agree with points 3 and 4. You could add these as comments on the JIRA or edit the JIRA itself. For point 1 - I will leave it to one of the developers to comment if it is a good practice to i

Re: [jira] [Created] (FINERACT-136) Security improvements on authentication/passwords

2016-04-11 Thread Javier David
Hi Binny, it's great to hear back from you! You're absolutely right, point 2 is the same as the original point B. With regards to point 1, I understand, and the developers will of course make the final decision. I find that it's potentially a strong tool against brute force, because it increase