krtek4 / MultiPass

Automatically login to Basic Authentication using data based on URL regexp.
http://gilles.crettenand.info/MultiPass
Do What The F*ck You Want To Public License

Disable authentication after X attempts #55

Closed AdrienPensart closed 5 years ago

AdrienPensart commented 6 years ago

Hello,

In my company, we must change our passwords every X months, so I have to update passwords in MultiPass, but MultiPass does not tell me that it tried a lot of times without success, and thus the security team is yelling at me for brute-forcing web basic auth.

Can we have a max attempt parameter before disabling MultiPass, in order to force me to update passwords in MultiPass?

I'll try to create a pull request, but I have never developed a Chrome extension...

krtek4 commented 6 years ago

Hi @AdrienPensart,

I am surprised you report being yelled at, because the mechanism you want has been implemented since day one.

MultiPass only tries 5 times before giving up; the code is at https://github.com/krtek4/MultiPass/blob/master/js/extension.js#L44 . Also, in case of failure, a red badge is displayed on the extension icon so that you are informed.

There might be a bug in the code, but a quick test correctly displayed a 403 error page on my side with a red badge, and I confirmed the 5 attempts in the Apache log of my test server.

Can you give me more information about your setup?

krtek4 commented 5 years ago

Closing this without news :)
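
The two limits discussed in this thread, the per-request cap krtek4 describes and the disable-after-X-failures setting AdrienPensart asks for, shown together as an added example that is not MultiPass's own code. `makeAuthHandler`, the `perRequest`/`perRule` options, the default of 8 and the rule shape are hypothetical; it assumes the browser re-fires `onAuthRequired` with the same `requestId` when the supplied credentials are rejected.

```javascript
// Added example, not MultiPass code: every name below is hypothetical.
// rules: [{ pattern: RegExp, username, password }] (constructed sample shape).
function makeAuthHandler(rules, { perRequest = 5, perRule = 8 } = {}) {
  const tries = new Map();    // requestId -> { rule, sent } for the request in flight
  const failures = new Map(); // rule -> rejected submissions since the last success
  const disabled = new Set(); // rules switched off until the user updates them

  // Shape of a blocking chrome.webRequest.onAuthRequired listener:
  // return {authCredentials}, {cancel: true}, or {} to let the browser prompt.
  function onAuthRequired(details) {
    const seen = tries.get(details.requestId);
    const rule = seen ? seen.rule : rules.find(r => r.pattern.test(details.url));
    if (!rule || disabled.has(rule)) return {};
    const sent = seen ? seen.sent : 0;
    if (sent > 0) {
      // A second challenge on the same request means the last answer was rejected.
      const failed = (failures.get(rule) || 0) + 1;
      failures.set(rule, failed);
      if (failed >= perRule) disabled.add(rule);
    }
    if (disabled.has(rule) || sent >= perRequest) {
      tries.delete(details.requestId);
      return { cancel: true };
    }
    tries.set(details.requestId, { rule, sent: sent + 1 });
    return { authCredentials: { username: rule.username, password: rule.password } };
  }

  // Call from onCompleted: a non-401 answer to a request we authenticated
  // proves the stored password works, so the failure count starts over.
  function onCompleted(details) {
    const seen = tries.get(details.requestId);
    tries.delete(details.requestId);
    if (seen && details.statusCode !== 401) failures.delete(seen.rule);
  }

  return { onAuthRequired, onCompleted, isDisabled: rule => disabled.has(rule) };
}
```

With a stale password, the per-request cap alone still sends up to five bad logins on every page load; the per-rule counter is what stops the repeats across requests and hands control back to the browser prompt.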