Roundup Tracker - Issues

Message6004

Author ber
Recipients ber, rouilj
Date 2017-08-25.07:26:47
Message-id <1503646009.06.0.878221919829.issue2550949@psf.upfronthosting.co.za>
In-reply-to
Hi John,
briefly checking the issue, I agree that it is an area that should be
improved.

As for using reCAPTCHA, there is an additional drawback that an external
connection is made which loses some information to the contacted server
and used network nodes.

So I'd prefer other solutions. 
Slowing down fast login-attempts seems the best to me.
Also adding some sort of captca or text-cha in case of several failed
login-attempts.

Another possible improvement could be to display the last login attempts,
so that a user may notice that an attack on her account is in progress.

The most effective counter measure would probably by logging failed attempts
and monitoring the log files and network logs for active intrusion attempts.
History
Date User Action Args
2017-08-25 07:26:49bersetmessageid: <1503646009.06.0.878221919829.issue2550949@psf.upfronthosting.co.za>
2017-08-25 07:26:49bersetrecipients: + ber, rouilj
2017-08-25 07:26:48berlinkissue2550949 messages
2017-08-25 07:26:47bercreate