• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1051
  • Last Modified:

Limit web interface login attempts

due to SAS 70 audit requirements i must enforce an attempted login limit on my web interface, which runs on the same box as the secure gateway.   W2k3 on IIS6.  WI 4.0.  SG 3.0.  Get me pointed in the right direction?
0
alexsupertramp
Asked:
alexsupertramp
  • 4
  • 3
2 Solutions
 
KrAzYCommented:
Limit as in the amount of times they can log in in a certain amount of seconds/minutes or amount of login attempts and then lockout?  Does SAS have those limitations built in?  Usually you should look to your application to provide restrictions and not your Web Interface.
0
 
alexsupertrampAuthor Commented:
sorry, i wasn't specific enough: i need to limit the amount of incorrect login attempts at the web interface login.
0
 
KrAzYCommented:
Does Active Directory "Login Attempts" satisfy this?
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell┬« is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
alexsupertrampAuthor Commented:
where is there a "login attempts" option in ad?
0
 
alexsupertrampAuthor Commented:
Thanks, I found this yesterday, and it's good info, but from testing i've done i don't think it's effective at the web interface login level.  
0
 
Dirk KotteSECommented:
for comliance we use two factor authentication fron aladdin / safenet.
this solution (safeword) has build-in attack logging and protection.
 
0
 
alexsupertrampAuthor Commented:
Thanks for the valuable info.  Both solutions will be helpful.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now