Add a new server parameter --authFailedDelayMs to offer a basic protection against brute force password guessing attacks.
The parameter should be configurable at startup and runtime and apply to at least MONGODB-CR, PLAIN and SCRAM-SHA-1.
- is documented by
-
DOCS-8962 Add configurable delay for failed authentication
- Closed