Module to block a brut force attack by login / password
Registered by
Sylvain LE GAL (GRAP)
hi all,
I would like to have a module that prevents people to attack OpenERP doing a lot of tries of couple "login" / "password". (Brut Force attack).
It seems that this kind of feature is not covered. Would you be interested to work on / talk about / review a module that realize that.
Quick feature :
- define a parameter 'max_try_allowed' in ir.config.
- block users that try to log in OpenERP after X attempts;
My main question is : how to define that it is the same user. I only see for the moment client IP but it doesn't work in all network configuration.
Regards.
Blueprint information
- Status:
- Not started
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- Sylvain LE GAL (GRAP)
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- New
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by
Related branches
Related bugs
Sprints
Whiteboard
(?)