On 2021/03/05 08:58, jdd@dodin.org wrote:
On 05/03/2021 at 17:36, Per Jessen wrote:
I'm not sure if I would even contemplate disabling a Linux user account based on 3 bad attempts.
possible if the login is a private long thing, where it's unlikely it can be found; else any attempt by a non-authorized user locks out the real user
----
The financial institutions really don't seem to have a problem with some random hacker trying to DOS all their customers. Maybe they have other policies in place to detect and block such attempts. Or maybe their customers prefer having to call in to support rather than losing a few million dollars.

Note these are web logins/passwords, not ones where they can hammer a specific port. It's a bit harder to automate a web-account password when you have to remember your secure picture and answer one of your secret questions in addition to the password.

Instead of locking you out, it might simply force you to re-enter some account information -- like 3 attempts on an ssh password, and you have to log in to the web-access page and identify your secure picture after receiving a 1-time code at your local email address. Just having to switch modalities from host+port to web and email to re-enable host+port login is sufficiently messy to dissuade very many attempts against a specific account.

========
On 2021/03/05 09:10, Per Jessen wrote:
I just foresee the situation where an 'admin' account is locked out and support has gone home for the weekend.
---
First thing -- the institutions/organizations that have such security measures have teams answering phones 24/7, holidays included. There are no weekends.

Second thing -- as for someone having their admin account open to password cracking facing the web -- that shouldn't happen to begin with. With a minimal security policy, you couldn't access an admin account directly from the external web. You'd have to first log in to an internet access account on a bastion machine, then try for a user login to an admin-capable machine and from there elevate to an admin account.
The admin account would never be exposed to the outside internet such that it would be able to be probed from the outside net -- actually not likely from the inside net either -- only an internal user account would be able to acquire admin privs on some specific machine.
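The lockout-plus-recovery scheme described in the reply above (three bad ssh password attempts lock the account; re-enabling it requires the web path with a one-time code sent to the registered email plus the secure picture), modelled as an added example. This is illustration code written for this page, not anything from the thread or from any institution's system; the account name, password, picture and email are constructed demo values, the "mail" is an in-memory outbox, and passwords are kept in plaintext only to keep the model short. It also shows the point jdd raises: once the attacker has burned the three attempts, the real user is locked out too until they go through the out-of-band recovery.

```python
"""Model of "lock after N failures, recover out of band" for an ssh-style login.

Demo only: in-memory accounts, plaintext demo passwords, simulated email.
"""
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

MAX_ATTEMPTS = 3  # the "3 attempts" from the thread


@dataclass
class Account:
    name: str
    password: str          # plaintext for the demo; a real system stores a hash
    secure_picture: str    # the picture the user must identify on the web page
    email: str             # where the one-time code is sent
    failures: int = 0
    locked: bool = False
    pending_code: Optional[str] = None  # outstanding one-time code, if any


class LockoutPolicy:
    def __init__(self) -> None:
        self.accounts: Dict[str, Account] = {}
        self.outbox: List[Tuple[str, str]] = []  # (email, code): simulated mail

    def add(self, name: str, password: str, picture: str, email: str) -> None:
        self.accounts[name] = Account(name, password, picture, email)

    def ssh_login(self, name: str, password: str) -> str:
        """host+port path: returns 'ok', 'denied' or 'locked'."""
        acct = self.accounts.get(name)
        if acct is None:
            return "denied"  # same answer as a bad password: don't reveal names
        if acct.locked:
            return "locked"  # even the right password is refused now
        if hmac.compare_digest(acct.password, password):
            acct.failures = 0
            return "ok"
        acct.failures += 1
        if acct.failures >= MAX_ATTEMPTS:
            acct.locked = True
            return "locked"
        return "denied"

    def request_unlock(self, name: str) -> bool:
        """web path, step 1: send a fresh one-time code to the registered email."""
        acct = self.accounts.get(name)
        if acct is None or not acct.locked:
            return False
        acct.pending_code = secrets.token_hex(4)  # 8 hex chars, single use
        self.outbox.append((acct.email, acct.pending_code))
        return True

    def confirm_unlock(self, name: str, code: str, picture: str) -> bool:
        """web path, step 2: code from email + secure picture re-enable ssh login."""
        acct = self.accounts.get(name)
        if acct is None or acct.pending_code is None:
            return False
        ok = hmac.compare_digest(acct.pending_code, code) and picture == acct.secure_picture
        acct.pending_code = None  # burn the code whether or not it matched
        if ok:
            acct.locked = False
            acct.failures = 0
        return ok


def demo() -> dict:
    """Attacker locks the real user out; the user recovers via web + email."""
    p = LockoutPolicy()
    p.add("alice", "correct horse", picture="otter", email="alice@example.com")
    r = {}
    # three guesses from somewhere on the internet
    r["attacker"] = [p.ssh_login("alice", g) for g in ("123456", "password", "alice")]
    # the legitimate user is now refused even with the right password
    r["user_locked_out"] = p.ssh_login("alice", "correct horse")
    # recovery: code arrives by email, but the wrong picture burns it
    p.request_unlock("alice")
    _, code = p.outbox[-1]
    r["wrong_picture"] = p.confirm_unlock("alice", code, "badger")
    r["stale_code_retry"] = p.confirm_unlock("alice", code, "otter")  # code already burned
    # second attempt with a fresh code and the right picture
    p.request_unlock("alice")
    _, code = p.outbox[-1]
    r["unlock"] = p.confirm_unlock("alice", code, "otter")
    r["user_after"] = p.ssh_login("alice", "correct horse")
    return r


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The single-use code and the reset of `failures` on unlock are the two details that matter in practice: a reusable code would let whoever intercepts the email unlock at will, and leaving `failures` at 3 would mean the next wrong guess re-locks the account immediately.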