Help Center

Improved

Fixed

bugbug

In Review

Planned

In Progress

Completed

Rejected

High Priority

Low Priority

Main Roadmap

Quarterly Roadmap

Monthly Roadmap

Give feedback on how we can improve BugBug

Feedback request

Tell us how we could make BugBug more useful for you.

Hey {name|there}! 👋

Add account lockout when the login attempt fails multiple times over short period of time.This mechanism would help to protect against unauthorized access, especially brute-force attacks.Preferably it could be expanded to be configurable at organization settings level;<ul><li>Account Lockout – The account is temporarily or permanently disabled after a set number of failed login attempts.</li><li>Lockout Threshold – The number of failed attempts allowed before locking the account.</li><li>Lockout Duration – How long the account remains locked</li><li>Exponential Backoff – Increase wait time between attempts instead of a full lockout.</li><li>Rate Limiting – How many login attempts can be made in a certain time frame </li></ul>

Account lockout policy

Michał Muszyński

BugBug

Account lockout policy

Subscribe to post

Subscribe to post