Posted by LPCA on January 20, 2011 at 4:15am
1 follower
| Project: | Login Security |
| Version: | 6.x-1.x-dev |
| Component: | Code |
| Category: | feature request |
| Priority: | minor |
| Assigned: | Unassigned |
| Status: | active |
Issue Summary
hey
it would be useful to add some securer defaults, imitating partially Drupal 7.
example:
IP Track time: 1 hour
User Track time: 6 hours
Login delay base time: 5 seconds
Increase delay for each attempt?: Yes
Maximum number of login failures before detecting an ongoing attack: 10
Maximum number of login failures before soft blocking a user: 5
Maximum number of login failures before blocking a user: 10
Maximum number of login failures before soft blocking a host: 25
Maximum number of login failures before blocking a host: 50
Notifications: all unchecked
using ideas from Flood Control (D7) and from these issues:
http://drupal.org/node/1033418
http://drupal.org/node/1033420