Lock account after multiple login failure

2011-01-10T02:00:02
ID ATLASSIAN:JRASERVER-23412
Type atlassian
Reporter rhartono
Modified 2018-02-08T06:18:36

Description

{panel:bgColor=#e7f4fa} NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? [See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-23412]. {panel}

For security purposes, it is desirable to have a mechanism to lock an account if the user attempted multiple login unsuccessfully.

Perhaps something like what they are doing here: http://jira.codehaus.org/browse/CONTINUUM-796

See also: http://confluence.atlassian.com/display/DEV/shipit+14+Delivery+-+Brute+Force+Login+Prevention