-
Type:
Story
-
Status: Closed
-
Priority:
Minor
-
Resolution: Completed
-
Affects Version/s: None
-
Fix Version/s: 7.3.10 DXP GA1, Master
-
Component/s: Application Security > Multi-Factor Authentication
-
Epic/Theme:
-
Story Points:5
-
Epic Link:
-
Sprint:Iteration 30, Iteration 31, Iteration 32, Iteration 33, Iteration 34, Iteration 35, Iteration 36
Description
We need an API and the implementation for MFAChecker to be able to rate limit brute-force attack.
We are going with instance level configuration but we may consider the have separated sets of configuration on system and instance level later.
Acceptance Criteria
- As an Instance Administrator, I want to configure a Retry Timeout in order not to allow End Users to make another token usage attempt within that time period.
- As an Instance Administrator, I do not want to let the End Users to make another token usage attempt within the configured Retry Timeout period.
- As an Instance Administrator, I want to configure the number of allowed failed attempts in order not to allow End Users to make too many token usage attempts without success.
- As an Instance Administrator, I do not want to let the End Users to make more token usage attempts than the configured number of allowed failed attempts.
- relates
-
LRDOCS-7697 User Document for Multi-factor atuthentication
-
- Closed
-
There are no Sub-Tasks for this issue.