phorge-phorge

mirror of https://we.phorge.it/source/phorge.git synced 2024-09-21 17:58:47 +02:00

History

epriestley 23e654ec2b Rate limit multi-factor actions Summary: Ref T4398. Prevent users from brute forcing multi-factor auth by rate limiting attempts. This slightly refines the rate limiting to allow callers to check for a rate limit without adding points, and gives users credit for successfully completing an auth workflow. Test Plan: Tried to enter hisec with bad credentials 11 times in a row, got rate limited. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T4398 Differential Revision: https://secure.phabricator.com/D8911	2014-04-30 14:30:31 -07:00
..
PhabricatorAuthSessionEngine.php	Rate limit multi-factor actions	2014-04-30 14:30:31 -07:00

epriestley 23e654ec2b Rate limit multi-factor actions

Summary: Ref T4398. Prevent users from brute forcing multi-factor auth by rate limiting attempts. This slightly refines the rate limiting to allow callers to check for a rate limit without adding points, and gives users credit for successfully completing an auth workflow.

Test Plan: Tried to enter hisec with bad credentials 11 times in a row, got rate limited.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4398

Differential Revision: https://secure.phabricator.com/D8911

2014-04-30 14:30:31 -07:00

PhabricatorAuthSessionEngine.php

Rate limit multi-factor actions

2014-04-30 14:30:31 -07:00