Thread: [pgAdmin4][Patch] - Fix for RM #6664
Hi,
Please find the attached fix for the RM #6664. The issue is, even if the user is locked, he can reset the password and can login into pgAdmin.
With this fix, I have also ensured that the account should be locked with the multiple failed attempts only for the Internal pgAdmin users.
Thanks,
Khushboo
Attachment
Hi,
Kerberos Login fails for the first time which is a regression of the #6337 - Login page brute force.
Please find the attached updated patch with this fix.
Thanks,
Khushboo
On Mon, Aug 9, 2021 at 11:32 AM Khushboo Vashi <khushboo.vashi@enterprisedb.com> wrote:
Hi,Please find the attached fix for the RM #6664. The issue is, even if the user is locked, he can reset the password and can login into pgAdmin.With this fix, I have also ensured that the account should be locked with the multiple failed attempts only for the Internal pgAdmin users.Thanks,Khushboo
Attachment
Thanks, the patch applied.
On Mon, Aug 9, 2021 at 1:10 PM Khushboo Vashi <khushboo.vashi@enterprisedb.com> wrote:
Hi,Kerberos Login fails for the first time which is a regression of the #6337 - Login page brute force.Please find the attached updated patch with this fix.Thanks,KhushbooOn Mon, Aug 9, 2021 at 11:32 AM Khushboo Vashi <khushboo.vashi@enterprisedb.com> wrote:Hi,Please find the attached fix for the RM #6664. The issue is, even if the user is locked, he can reset the password and can login into pgAdmin.With this fix, I have also ensured that the account should be locked with the multiple failed attempts only for the Internal pgAdmin users.Thanks,Khushboo
Thanks & Regards
Akshay Joshi
pgAdmin Hacker | Principal Software Architect
EDB PostgresMobile: +91 976-788-8246