Open fpietrosanti opened 11 years ago
In reference to issue #37
Partial implementation on commit https://github.com/globaleaks/GLBackend/commit/4ca7fef624564893009d746302b59fd9e4afe0a1
with settings.py
here has been solved a critical security flaw: https://github.com/globaleaks/GLBackend/commit/82661ef8ebc132a960a59a8f7fe10dae8f10a4c2 based on errors login counter.
Which is the state of this issue?
this is currently in wishlist; is a nice to have to eventually to be discussed but still not in any milestone as not felt as higly required right now
What about this issue? Could we give an estimate?
Password lockout is to protect receivers against password brute forcing, functionally as described in the "GlobaLeaks Application Security Design" document.
This feature is to be implemented by:
Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.