Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-13096

Implement option to lock user accounts after N authentication failures

Details

    Description

      Some users would like the ability to lock user accounts after a configurable number of authentication failures, so that brute force password checking can be prevented.

      MariaDB's current host blocking mechanism can help prevent problems like this if all authentication attempts come from the same host, but it does not help if the attacker is controlling many hosts. For example, this might be a problem if the attacker were controlling a botnet.

      This task might require MDEV-13095 to be implemented first.

      Attachments

        Issue Links

          is duplicated by

          Task - A task that needs to be done. MDEV-7598 Block user accounts after failed login attempts

          • Major - Major loss of function.
          • Closed
          relates to

          Task - A task that needs to be done. MDEV-15421 max allowed bad password attempts from ip

          • Major - Major loss of function.
          • Closed

          Activity

            Ascending order - Click to sort in descending order
            GeoffMontee Geoff Montee (Inactive) created issue -
            GeoffMontee Geoff Montee (Inactive) made changes -
            Field Original Value New Value
            ralf.gebhardt Ralf Gebhardt made changes -
            Fix Version/s 10.4 [ 22408 ]
            danblack Daniel Black made changes -
            ratzpo Rasmus Johansson (Inactive) made changes -
            Assignee Vladislav Vaintroub [ wlad ]
            julien.fritsch Julien Fritsch made changes -
            Epic Link PT-73 [ 68549 ]
            ralf.gebhardt Ralf Gebhardt made changes -
            Priority Major [ 3 ] Critical [ 2 ]
            ralf.gebhardt Ralf Gebhardt made changes -
            Rank Ranked higher
            serg Sergei Golubchik made changes -
            Assignee Vladislav Vaintroub [ wlad ] Vicentiu Ciorbaru [ cvicentiu ]
            serg Sergei Golubchik made changes -
            serg Sergei Golubchik made changes -
            Fix Version/s N/A [ 14700 ]
            Fix Version/s 10.4 [ 22408 ]
            Resolution Duplicate [ 3 ]
            Status Open [ 1 ] Closed [ 6 ]
            ralf.gebhardt Ralf Gebhardt made changes -
            Epic Link PT-73 [ 68549 ]
            ralf.gebhardt Ralf Gebhardt made changes -
            serg Sergei Golubchik made changes -
            Workflow MariaDB v3 [ 81242 ] MariaDB v4 [ 133292 ]
            mariadb-jira-automation Jira Automation (IT) made changes -
            Zendesk Related Tickets 190825

            People

              cvicentiu Vicențiu Ciorbaru
              GeoffMontee Geoff Montee (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.