[TYPO3-english] Typo3 BE login security
Steffen Müller
typo3 at t3node.com
Thu Mar 25 21:39:58 CET 2010
Hi.
On 25.03.2010 15:36 Tonix (Antonio Nati) wrote:
> I feel disabling temporarily accounts is a great idea, if it is done in
> a selective way.
>
Take IP spoofing into account, mobbing of colleagues, ...
Blacklisting means much hassle, which can be avoided by good passwords.
Brute force on strong >12 character password will probably always fail,
especially with the delay we have on false BE logins.
IMHO no need for complex blacklisting routines.
--
cheers,
Steffen
TYPO3 Blog: http://www.t3node.com/
Microblog: http://twitter.com/t3node
More information about the TYPO3-english
mailing list