Lock down accounts by IP after N failed attemps at logging
|Reported by:||matt||Owned by:|
|Priority:||major||Milestone:||2.x - Piwik 2.x|
Our security policy aims to make security a principal design behind Piwik. One aspect that bugs me currently is that good old brute force attacks could be vector of penetration in Piwik (if eg. attacker knows the login).
We should provide a core mechanism that would lock out, for 30min for example, a user after N failed attemps. Settings could be changed by the Super User and feature would be enabled by default, lock 30 min out after 5 failed attempts.
- Record, using Piwik_SetOption, count of lockdown for each IP that fails to enter valid login / pwd combination
- After N failures, lock IP down and refuse authentication (even if the combination is actually valid!).
- Document as FAQ, linked from UI, the sql to delete all locked out IPs in case the SU was actually locked out and can't wait.
Change History (8)
comment:3 Changed 16 months ago by matt (mattab)
- Milestone changed from 1.x - Piwik 1.x to 1.9 Piwik 1.9
- Priority changed from normal to major
comment:6 Changed 14 months ago by mainboarder
comment:7 Changed 10 months ago by matt (mattab)
- Milestone changed from 1.12.x - Piwik 1.12.x to 2.x - Piwik 2.x