Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-13096

Implement option to lock user accounts after N authentication failures

    XMLWordPrintable

    Details

      Description

      Some users would like the ability to lock user accounts after a configurable number of authentication failures, so that brute force password checking can be prevented.

      MariaDB's current host blocking mechanism can help prevent problems like this if all authentication attempts come from the same host, but it does not help if the attacker is controlling many hosts. For example, this might be a problem if the attacker were controlling a botnet.

      This task might require MDEV-13095 to be implemented first.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              cvicentiu Vicențiu Ciorbaru
              Reporter:
              GeoffMontee Geoff Montee
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: