Last modified: 2007-05-09 16:51:37 UTC

Bug 9836 - React nastily on multiple failed login attempts (throttle/lockout, captcha)
Product: MediaWiki
Classification: Unclassified
Component: User login and signup
Hardware: All
OS: All
Priority: Normal
Severity: enhancement
Target Milestone: ---
Assigned To: Nobody - You can work on this!
Depends on:
Blocks: 9816
Reported: 2007-05-08 00:45 UTC by Aryeh Gregor (not reading bugmail, please e-mail directly)
Modified: 2007-05-09 16:51 UTC
CC: 1 user

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Description Aryeh Gregor (not reading bugmail, please e-mail directly) 2007-05-08 00:45:19 UTC
vBulletin allows 5 tries every 15 minutes, and that seems to work nicely (3 times is probably too few). Things to consider:

1) Send an e-mail to the address attached to the account on lockout, with IP

2) Send an e-mail to all members of a certain usergroup if the locked-out user is part of one of certain usergroups. E.g., a locked-out sysop/bureaucrat/steward might send an e-mail to all bureaucrats and stewards on the wiki, say, or all checkusers. This can allow blocking and/or further examination of the IP address, and central tracking if a bot tries systematically cracking all sysops' accounts.

Possibly we can incorporate a captcha after a few failed attempts to make it harder for bots to just hit the limit repeatedly. If we do so, it should be possible to disable it for the few users who have trouble with captchas (e.g., blind users).

All of these should be configurable per-usergroup, and possibly as a user preference. Ordinary users shouldn't have to be inconvenienced if they don't want to be, since if they get taken over nothing much will happen except for their reputation being tarnished, which is their problem. (But on wikis with locked-down viewing/editing, users might be restricted as well.) On the other hand, it's nice to allow more paranoid users to protect their identities more
Comment 1 Titoxd 2007-05-08 02:54:27 UTC
*** Bug 9838 has been marked as a duplicate of this bug. ***
Comment 2 Brion Vibber 2007-05-08 15:49:46 UTC
Captcha already present. Lockout is a DoS vector, unacceptable.
Comment 3 Aryeh Gregor (not reading bugmail, please e-mail directly) 2007-05-08 16:38:11 UTC
Lockout per-IP is not generally a DoS vector, although it could be to some extent in special cases (shared dynamic ISP). What about e-mail to either a centralized place or the user himself? Possibly not worthwhile before bug 9837?
Comment 4 Aryeh Gregor (not reading bugmail, please e-mail directly) 2007-05-09 16:51:37 UTC
E-mailing -> bug 9838.
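The thread above weighs a "5 tries per 15 minutes" throttle, a captcha step after a few failures, a lockout e-mail carrying the offending IP, and Brion Vibber's objection that lockout is a DoS vector, which Aryeh Gregor narrows to per-account lockout. The following is an added example written for this page, not MediaWiki or vBulletin code: a sliding-window throttle that can be keyed either by account or by client address, run over a constructed attempt log so the difference between the two keyings is visible. The account name, addresses, timestamps, password strings and the policy names "per_account"/"per_ip" are all assumptions made up for the illustration.

```python
"""Sliding-window login throttle with captcha escalation and lockout
notification. Added illustration for this bug thread; it is not MediaWiki
or vBulletin code. Account names, addresses, timestamps and the policy
names "per_account"/"per_ip" are constructed for the example."""
from collections import defaultdict, deque
from dataclasses import dataclass, field
from enum import Enum
from typing import Deque, Dict, List, Optional, Tuple


class Decision(Enum):
    ALLOW = "allow"          # run the password check as normal
    CAPTCHA = "captcha"      # run it only once a captcha is solved
    THROTTLED = "throttled"  # refuse outright, password not checked


@dataclass
class Throttle:
    """Counts failures per key inside a sliding window.

    limit/window default to the 5 tries per 15 minutes the description
    cites; captcha_after is the failure count at which a captcha is
    demanded (None disables that step, e.g. for users who cannot solve
    captchas, as the description asks for)."""
    limit: int = 5
    window: int = 15 * 60
    captcha_after: Optional[int] = 3
    _fails: Dict[str, Deque[int]] = field(default_factory=lambda: defaultdict(deque))

    def _recent(self, key: str, now: int) -> Deque[int]:
        q = self._fails[key]
        while q and q[0] <= now - self.window:  # drop failures outside the window
            q.popleft()
        return q

    def check(self, key: str, now: int) -> Decision:
        n = len(self._recent(key, now))
        if n >= self.limit:
            return Decision.THROTTLED
        if self.captcha_after is not None and n >= self.captcha_after:
            return Decision.CAPTCHA
        return Decision.ALLOW

    def record_failure(self, key: str, now: int) -> None:
        self._recent(key, now).append(now)

    def reset(self, key: str) -> None:
        self._fails.pop(key, None)


# Constructed accounts and attempts: (time in seconds, client IP, account, password)
USERS = {"Admin": "correct-password"}
ATTEMPTS: List[Tuple[int, str, str, str]] = [
    (0, "203.0.113.7", "Admin", "guess1"),              # attacker, 5 wrong guesses
    (10, "203.0.113.7", "Admin", "guess2"),
    (20, "203.0.113.7", "Admin", "guess3"),
    (30, "203.0.113.7", "Admin", "guess4"),
    (40, "203.0.113.7", "Admin", "guess5"),
    (50, "203.0.113.7", "Admin", "guess6"),             # attacker, over the limit
    (60, "198.51.100.5", "Admin", "correct-password"),  # the real Admin, right password
    (941, "203.0.113.7", "Admin", "guess7"),            # attacker, 15-minute window expired
]


def simulate(policy: str, attempts=ATTEMPTS):
    """Feed attempts through a Throttle keyed by account ("per_account")
    or by client address ("per_ip").

    Returns (outcomes, notifications): one outcome string per attempt
    ("ok", "fail", "throttled", with "+captcha" when a captcha was demanded
    and, for the example, assumed solved), and the (account, ip) pairs for
    which a lockout notice carrying the IP would be e-mailed (item 1 of the
    description)."""
    th = Throttle()
    outcomes, notifications = [], []
    for now, ip, user, password in attempts:
        key = user if policy == "per_account" else ip
        decision = th.check(key, now)
        if decision is Decision.THROTTLED:
            outcomes.append("throttled")
            continue
        suffix = "+captcha" if decision is Decision.CAPTCHA else ""
        if password == USERS.get(user):
            th.reset(key)
            outcomes.append("ok" + suffix)
        else:
            th.record_failure(key, now)
            outcomes.append("fail" + suffix)
            if th.check(key, now) is Decision.THROTTLED:
                notifications.append((user, ip))  # the failure that trips the limit
    return outcomes, notifications


if __name__ == "__main__":
    for policy in ("per_account", "per_ip"):
        print(policy, *simulate(policy))
```

Run stand-alone, the two policies differ only at the seventh attempt: with "per_account" keying the attacker's five guesses lock the real Admin out (the DoS Brion Vibber objects to), while with "per_ip" keying the attacker's address is throttled and Admin logs in normally. The eighth attempt shows the window expiring, and `captcha_after=None` is the per-group switch the description wants for users who cannot solve captchas. Per-IP keying still has the shared-ISP collateral damage Aryeh Gregor concedes in comment 3; a deployment would typically pair it with a looser per-account counter that only adds a captcha rather than refusing outright.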
