View Issue Details

IDProjectCategoryView StatusLast Update
0000080Main CAcert Websiteaccount administrationpublic2013-01-13 15:31
Reporterevaldo Assigned To 
PriorityhighSeverityfeatureReproducibilityN/A
Status closedResolutionfixed 
Fixed in Version2006 
Summary0000080: Account blocking/lockout feature request
DescriptionWe would really benefit from an account lockout mechanism, enabling administrators to manually block/unblock logins/password recovery for some accounts that may be under a "brute force" attack against the 5 questions. Automatic lockout would be a plus (say, over 10 or 20 wrong tries).

TagsNo tags attached.
Reviewed by
Test Instructions

Activities

duane

2006-08-16 16:11

developer   ~0000535

Code added, new option in admin interface, possibly more code needed to detect multiple logins within a short time period and lock the account etc...

Issue History

Date Modified Username Field Change
2005-10-26 11:26 evaldo New Issue
2005-12-02 11:28 evaldo Priority normal => high
2006-02-12 01:10 evaldo Status new => @30@
2006-08-16 16:10 duane Status @30@ => needs work
2006-08-16 16:10 duane Assigned To => evaldo
2006-08-16 16:11 duane Status needs work => solved?
2006-08-16 16:11 duane Fixed in Version => production
2006-08-16 16:11 duane Resolution open => fixed
2006-08-16 16:11 duane Note Added: 0000535
2007-06-25 07:12 evaldo Assigned To evaldo =>
2007-10-24 05:50 evaldo Status solved? => closed
2013-01-13 15:31 Werner Dworak Fixed in Version => 2006