mahara-contributors team mailing list archive

Thread
Date

[Bug 1719987] Re: Blocked account after entering the wrong password

To: mahara-contributors@xxxxxxxxxxxxxxxxxxx
From: Robert Lyon <robertl@xxxxxxxxxxxxxxx>
Date: Thu, 28 Sep 2017 01:17:37 -0000
Reply-to: Bug 1719987 <1719987@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

I believe this problem is due to the cron not cleaning up the old login
tries

If that is not the case please mention the problem here and I'll look
into it further

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/1719987

Title:
   Blocked account after entering the wrong password

Status in Mahara:
  Invalid

Bug description:
  
  After entering five incorrect passwords, the account is reportedly blocked for five minutes.
  In fact, after five minutes, the account is still blocked.

  
  I found two solutions

  1.Change variable MAXLOGINTRIES; from 5 to (for example) 10 in htdocs/auth/user.php
  define('MAXLOGINTRIES', 10);

  2.Change variable LOGINTRIES in database; from 5 to 0.

  But apparently it should not work this way.
  Can I change or add something in user.php or somewhere else?

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1719987/+subscriptions

References

[Bug 1719987] [NEW] Blocked account after entering the wrong password
From: Dominika Czyszczoń, 2017-09-27