1.1.5 Why am I not able to log into my web site Admin or FTP area?
Any time you attempt to log into the system (for Admin access, FTP, etc.) you have a three-try limit. Once you have made three unsuccessful attempts (caps lock is on, wrong password entered, etc.), you will be locked out of your account for 30 minutes. During the lock-out period you will be denied access no matter what password you enter.
SITUATION: Because various "brute force" tools have become widely available to hackers (and want-to-be hackers), we have chosen to activate a three-login limit policy to protect account login areas.
PROBLEM: A brute force program that is left unabated could make up to several million login attempts per hour, which not only increases the chance of it guessing weak passwords (pet names, real words, etc.) but also consumes system resources during the attack.
RESULT: The three-login rule stops this activity. A million attempts to guess a password will now take 50,000 hours instead of 30 minutes.
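The lock-out rule described above can be sketched as follows. This is an added illustration, not the code that runs on our servers: the class name LoginThrottle, the in-memory storage and the PBKDF2 password hashing are assumptions, as is the choice that a successful login clears the failure count.

```python
import hashlib
import hmac
import os

MAX_FAILURES = 3             # three-try limit from the policy above
LOCKOUT_SECONDS = 30 * 60    # 30-minute lock-out from the policy above


class LoginThrottle:
    """Per-account lock-out tracker (hypothetical class, in-memory state)."""

    def __init__(self, clock):
        self._clock = clock        # callable returning seconds; injectable for tests
        self._users = {}           # username -> (salt, password hash)
        self._failures = {}        # username -> consecutive failed attempts
        self._locked_until = {}    # username -> time at which the lock-out ends

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def add_user(self, username, password):
        salt = os.urandom(16)
        self._users[username] = (salt, self._hash(password, salt))

    def login(self, username, password):
        """Return 'ok', 'denied' or 'locked'."""
        now = self._clock()
        if now < self._locked_until.get(username, 0):
            return "locked"        # refused before the password is even checked
        if username in self._locked_until:
            # The lock-out has expired: the account gets a fresh set of tries.
            del self._locked_until[username]
            self._failures[username] = 0
        record = self._users.get(username)
        if record and hmac.compare_digest(self._hash(password, record[0]), record[1]):
            self._failures[username] = 0   # assumption: success clears the count
            return "ok"
        self._failures[username] = self._failures.get(username, 0) + 1
        if self._failures[username] >= MAX_FAILURES:
            self._locked_until[username] = now + LOCKOUT_SECONDS
        return "denied"
```

Because the lock is checked before the password, the correct password is refused during the 30 minutes exactly as the wrong one is, so a guessing tool learns nothing from attempts made while the account is locked.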