Brute force login protection

このページの内容

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

This page explains how to configure or disable Fisheye's brute force login protection.

Fisheye will protect against brute force login attacks by forcing users to solve a CAPTCHA form after a configurable number of consecutive invalid login attempts. By default, this functionality is enabled, and the number of invalid attempts is set to three.

(info) Once a user logs in successfully, they will no longer be required to solve the CAPTCHA form.

Configuring brute force login protection

To configure brute force login protection:

  1. In the Admin area, click Authentication under 'Security Settings'.
  2. Scroll down to the 'Security settings' section at the bottom of the screen.
  3. Choose 'Use CAPTCHA for login' options. Your changes are applied immediately.

Brute force protection against remote API calls

Login requests by the Fisheye remote API libraries are also covered by the brute force protections. After the number of invalid attempts is exceeded (the default is three), then the remote API for that user will be prevented from making further login attempts (as that user will now be required to solve a CAPTCHA form through the web interface in order to log in).

最終更新日: 2018 年 9 月 25 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.