Password Guessing

1 - About

Password guessing is a common type of security attack. In this type of attack, a hacker attempts to log in to a computer using various combinations of usernames and passwords.

The best method to prevent it is to implement user lockouts

3 - User lockout parameters

Example:

  • Lockout Threshold: The maximum number of consecutive invalid login attempts that can occur before a user's account is locked out.
  • Lockout Duration: The number of minutes that a user's account is locked out.
  • Lockout Reset Duration: The number of minutes within which consecutive invalid login attempts cause a user's account to be locked out.
security/password_guessing.txt ยท Last modified: 2018/04/18 14:40 by gerardnico