We have moved to GitHub Issues
Created by Jeffrey Schoemaker 22 Jun 2016, 15:12:59 Updated by Jeffrey Schoemaker 22 Jun 2016, 15:12:59
After 10 incorrect login attempt a backoffice-user is locked out to avoid brute force attacks (ripped of the excellent page umbraco.com/security) => The field userNoConsole in the table umbracoUser is set to 1. The only way to unlock a user is to update the table and set it back to 0 again.
Preferably you could specify a timeout and after that time the lockout is reset. By default that could be 10 minutes. In that way it's practically impossible to bruteforce Umbraco.
Type: Feature (request)
Backwards Compatible: True
Due in version: