U4-6603 - Log failed login attempts

Created by Sebastiaan Janssen 07 May 2015, 09:56:47 Updated by Sebastiaan Janssen 27 Jul 2015, 12:39:27

Relates to: U4-6878

Currently we log successful backoffice logins:

2015-05-07 11:37:19,610 [19] INFO Umbraco.Web.Security.WebSecurity - [Thread 61] User Id: 0 logged in

In order to be able to investigate brute force attempts we should also log failed logins and with both logs we should also log the IP of the person attempting to log in (also to figure out if credentials are stolen and used by someone else).

Comments

Sebastiaan Janssen 10 May 2015, 15:47:43

Commit made by '''Sebastiaan Janssen''' on ''2015-05-10T17:47:32+02:00'' https://github.com/umbraco/Umbraco-CMS/commit/c34605937c85a8c1c101b7ae04699b19f24926ac

U4-6603 Log failed login attempts

#U4-6603 Fixed


Sebastiaan Janssen 10 May 2015, 15:49:07

PR here: https://github.com/umbraco/Umbraco-CMS/pull/683


Shannon Deminick 10 May 2015, 23:12:33

This is great for logging but the logs should really be done where the underlying auth occurs which is the Membershipprovider. Ideally we also enforce the rules of the membership provider lockout strategy but we need to fix this first: http://issues.umbraco.org/issue/U4-222 So people can reset their passwords if they are locked out or forget them.


Sebastiaan Janssen 11 May 2015, 09:46:46

For reference: https://github.com/umbraco/Umbraco-CMS/commit/d94b334375b7b1ba5fffba699e4eeb89418f147f


Priority: Normal

Type: Feature (planned)

State: Fixed

Assignee: Shannon Deminick

Difficulty: Normal

Category:

Backwards Compatible: True

Fix Submitted: Pull request

Affected versions:

Due in version: 7.2.5

Sprint:

Story Points:

Cycle: