how to handle failed login attempts?
- From: "John" <javacc1@xxxxxxxxx>
- Date: 8 Sep 2006 15:57:01 -0700
web password is commonly used in many web applications that require
authentication. The question is what should the system do if there are
multiple consecutive failed authentication attempts with a valid
username but incorrect password? Should the system lock the account, or
don't do anything?
I tried several famous email accounts and entered the incorrect
password on purpose, but they didn't lock the account.
please discuss. thanks!!
.
- Follow-Ups:
- Re: how to handle failed login attempts?
- From: Moe Trin
- Re: how to handle failed login attempts?
- From: Todd H.
- Re: how to handle failed login attempts?
- Prev by Date: Re: Backup secure enough?
- Next by Date: Re: Backup secure enough?
- Previous by thread: Backup secure enough?
- Next by thread: Re: how to handle failed login attempts?
- Index(es):
