[geeklog-devel] access.log

Dirk Haun dirk at haun-online.de
Sat Jan 17 08:14:07 EST 2004


Vincent wrote:

>Another tangent: In the future, if we kept track of how many failed 
>login attempts since last succesfull login, we could do some pretty cool 
>stuff (like lock and possibly send email to the affected person and 
>admin that a login has failed three times on an account).

Good point. Actually, we probably shouldn't start logging failed login
attempts until they've exceeded a certain number (say, 3) - everyone
mistypes their password once in a while ...

Blocking an account after a certain amount of failed login attempts just
calls for misuse, but sending an email (to the user at least) sounds like
a good idea.

bye, Dirk


-- 
http://www.haun-online.de/
http://mypod.de/




More information about the geeklog-devel mailing list