26 Jan
2009
26 Jan
'09
5:02 p.m.
Hi,
The current password policy module can lock folks out after some configurable number of failed attempts. The module currently does not differentiate between a user failing with the same wrong password a bunch of times versus a crack attempt where someone tries multiple different wrong passwords. Are there any modules that take into account if the same password is being used a bunch of times or if multiple different passwords are failing? Could this be a useful feature worth requesting (if it doesn't exist already)?
Thank you,
Aravind.