Uploaded image for project: 'mod-login'
  1. mod-login
  2. MODLOGIN-42

Security: Counting Failed login attempts

    XMLWordPrintable

Details

    • EPAM Sprint 2, EPAM Sprint 3, EPAM Sprint 4
    • 3
    • Folijet

    Description

      As a person responsible for the security of the Folio platform
      I want to track failed login attempts to prevent brute force attacks of the Folio platform

      Requirement (these requirements may need to split into additional user stories)

      • Ensure that Folio is logging failed login attempts
      • Ensure that Folio is counting failed login attempts
      • Ensure that Folio is logging failed login date/time stamps
      • Ensure that Folio is logging whether the user status = inactive due to failed login attempts
      • Ensure that Folio resets failed login attempts count to zero when user successfully resets/changes/logs into Folio

      Acceptance Criteria

      Given I am attempting to login to Folio
      AND I have failed at least once to login
      BUT not 5 times
      When I successfully login to Folio
      Then my failed login attempt count should be set to zero/null

      Given my account is no longer blocked
      When I reset my password OR login successfully
      Then my failed login attempt count should be set to zero/null

      TestRail: Results

        Attachments

          Issue Links

            Activity

              People

                kgambrell Khalilah Gambrell
                kgambrell Khalilah Gambrell
                Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  TestRail: Runs

                    TestRail: Cases