Details
-
Task
-
Resolution: Won't Do
-
Major - P3
-
None
-
None
Description
Add a new server parameter --authFailedDelayMs to offer a basic protection against brute force password guessing attacks.
The parameter should be configurable at startup and runtime and apply to at least MONGODB-CR, PLAIN and SCRAM-SHA-1.
Attachments
Issue Links
- documents
-
SERVER-20110 Add configurable delay for failed authentication
-
- Closed
-