View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0009271 | Taler | libeufin-bank | public | 2024-10-15 17:51 | 2024-10-15 18:29 |
Reporter | Antoine A | Assigned To | Antoine A | ||
Priority | urgent | Severity | feature | Reproducibility | N/A |
Status | assigned | Resolution | open | ||
Target Version | 1.0 | ||||
Summary | 0009271: Lockout policy | ||||
Description | Every bank account should have a password authentication attempt counter that blocks the account after N failed attempts. When an account is blocked, existing tokens still work, but password authentication no longer does. It's also important not to perform password hashing when an account is blocked, as we also want to become more DOS-resistant. | ||||
Tags | No tags attached. | ||||
Date Modified | Username | Field | Change |
---|---|---|---|
2024-10-15 17:51 | Antoine A | New Issue | |
2024-10-15 17:51 | Antoine A | Status | new => assigned |
2024-10-15 17:51 | Antoine A | Assigned To | => Antoine A |
2024-10-15 17:51 | Antoine A | Relationship added | child of 0009269 |
2024-10-15 18:29 | Antoine A | Relationship added | related to 0009272 |