-
Type: Task
-
Resolution: Won't Do
-
Priority: Major - P3
-
Affects Version/s: None
-
Component/s: Server
-
Labels:None
Add a new server parameter --authFailedDelayMs to offer a basic protection against brute force password guessing attacks.
The parameter should be configurable at startup and runtime and apply to at least MONGODB-CR, PLAIN and SCRAM-SHA-1.
- documents
-
SERVER-20110 Add configurable delay for failed authentication
- Closed