Home > mailing lists

Re: User to get locked after three wrong login attempts. - Mailing list pgsql-admin

From	Ron
Subject	Re: User to get locked after three wrong login attempts.
Date	September 6, 2018 04:18:38
Msg-id	1ea8bec3-1d0b-b69f-cbc0-c936860696f4@gmail.com Whole thread Raw
In response to	Re: User to get locked after three wrong login attempts. (Craig James <cjames@emolecules.com>)
List	pgsql-admin

Tree view

On 09/05/2018 05:14 PM, Craig James wrote:
[snip]

To elaborate, you should explain to the auditor that this introduces a huge denial-of-service vulnerability into your system. Anyone can start hammering on everyone else's accounts, and with a fairly trivial script, lock the entire company out of all accounts. This is a terrible idea.

And be tracked down (relatively) quickly.

--
Angular momentum makes the world go 'round.

pgsql-admin by date:

From: Craig James
Date: 06 September 2018, 04:14:38
Subject: Re: User to get locked after three wrong login attempts.

From: Tim Cross
Date: 06 September 2018, 04:28:38
Subject: Re: User to get locked after three wrong login attempts.

Re: User to get locked after three wrong login attempts. - Mailing list pgsql-admin

Previous

Next