We have a requirement to set the number of login attempts to 3 before we lock out the user. It seems the default is 5. How do I change this value in Weblogic 10.0? ...
I'm working on a fairly large web site built in PHP that will potentially have a lot of users. I'm looking into a way to protect the login screen from automated attempts. I have already included a CAPTCHA check on the registration form, yet want to harden the site more. There have been similar questions on StackOverflow that I know of, ...
I'm trying to write an improved password reset function for one of our public facing websites and in addition to a better captcha I wanted to flag a username that attempts to login w/ no success x amount of times in under y minutes. The first thought was to have a database that logs each attempt and then after the max amount of attempts...
If my website uses a POST form for login, what is a quick and easy way to prevent a rogue client from flooding my web server with POST requests trying to brute force crack my user accounts? PHP/MySQL/Apache. ...
1) A typical Login Screen of an application, ID locked for wrong passwords when more than three attempts. 2) The attempt cannot be stored in session, because user might use multiple browsers in same or different machine. 3) I don't want to persist the count in the database since one would have to reset it after 24rs or so. What is the...
In my website I am accessing my sqlserver database using "windows authencation mode". Everything works fine when I run my website using visual studio. but when I hosted my website on IIS, everytime an error message comes that "database login failed". Login failed for user 'HAL\IUSR_HAL'.(HAL is the name of my webserver) Should I do som...
i have created login page which sends ajax request to a php page for login verification. On that php page i m creating session, and sending response as per login verification. if user is authenticated i m redirecting it to home page from java script from where i send ajax. but on that homepage i cant get that session object... why? can u...
I got 2 folder, one is "Lectures" where only lecture can login, and another is "Students" where only students can login. and i use role-based authorization. but the problem is i only can assign one value for defaultUrl in web.config, if i assign it to "~/Lectures/Default.aspx" and this make lecture can login without any problem, but whe...