Uploaded image for project: 'Documentation'
  1. Documentation
  2. DOCS-8962

Add configurable delay for failed authentication

    XMLWordPrintableJSON

Details

    • Icon: Task Task
    • Resolution: Won't Do
    • Icon: Major - P3 Major - P3
    • Server_Docs_20231030
    • None
    • Server
    • None

    Description

      Add a new server parameter --authFailedDelayMs to offer a basic protection against brute force password guessing attacks.

      The parameter should be configurable at startup and runtime and apply to at least MONGODB-CR, PLAIN and SCRAM-SHA-1.

      Attachments

        Activity

          People

            Unassigned Unassigned
            emily.hall Emily Hall
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              1 year, 14 weeks, 2 days ago