topic Re: Protecting the Mobile Access portal from password brute force in Mobile https://community.checkpoint.com/t5/Mobile/Protecting-the-Mobile-Access-portal-from-password-brute-force/m-p/133123#M713 <P>Starting page&nbsp;<SPAN style="font-family: inherit; background-color: #ffffff;">170 is&nbsp;</SPAN><SPAN style="font-family: inherit; background-color: #ffffff;">User Authentication in Mobile Access. Here you select which kind of authentication should be used, and further steps are depending on it.</SPAN></P> Wed, 03 Nov 2021 11:17:49 GMT G_W_Albrecht 2021-11-03T11:17:49Z Protecting the Mobile Access portal from password brute force https://community.checkpoint.com/t5/Mobile/Protecting-the-Mobile-Access-portal-from-password-brute-force/m-p/133117#M710 <P>Is it possible to limit the number of password entry attempts on the Mobile Access portal?</P><P>For example, if a user enters an incorrect password 3 times, the user is blocked.</P> Wed, 03 Nov 2021 10:32:26 GMT https://community.checkpoint.com/t5/Mobile/Protecting-the-Mobile-Access-portal-from-password-brute-force/m-p/133117#M710 Arturxr 2021-11-03T10:32:26Z Re: Protecting the Mobile Access portal from password brute force https://community.checkpoint.com/t5/Mobile/Protecting-the-Mobile-Access-portal-from-password-brute-force/m-p/133119#M711 <P>Yes, that is possible, see the&nbsp;<SPAN style="font-family: inherit; background-color: #ffffff;">Mobile Access R81 Administration Guide - it does, however, depend on the used authentication type.</SPAN></P> Wed, 03 Nov 2021 10:55:30 GMT https://community.checkpoint.com/t5/Mobile/Protecting-the-Mobile-Access-portal-from-password-brute-force/m-p/133119#M711 G_W_Albrecht 2021-11-03T10:55:30Z Re: Protecting the Mobile Access portal from password brute force https://community.checkpoint.com/t5/Mobile/Protecting-the-Mobile-Access-portal-from-password-brute-force/m-p/133120#M712 <P>Please tell me the number of the item, I read the admin guide and did not find it</P> Wed, 03 Nov 2021 10:57:13 GMT https://community.checkpoint.com/t5/Mobile/Protecting-the-Mobile-Access-portal-from-password-brute-force/m-p/133120#M712 Arturxr 2021-11-03T10:57:13Z Re: Protecting the Mobile Access portal from password brute force https://community.checkpoint.com/t5/Mobile/Protecting-the-Mobile-Access-portal-from-password-brute-force/m-p/133123#M713 <P>Starting page&nbsp;<SPAN style="font-family: inherit; background-color: #ffffff;">170 is&nbsp;</SPAN><SPAN style="font-family: inherit; background-color: #ffffff;">User Authentication in Mobile Access. Here you select which kind of authentication should be used, and further steps are depending on it.</SPAN></P> Wed, 03 Nov 2021 11:17:49 GMT https://community.checkpoint.com/t5/Mobile/Protecting-the-Mobile-Access-portal-from-password-brute-force/m-p/133123#M713 G_W_Albrecht 2021-11-03T11:17:49Z Re: Protecting the Mobile Access portal from password brute force https://community.checkpoint.com/t5/Mobile/Protecting-the-Mobile-Access-portal-from-password-brute-force/m-p/133129#M714 <P>We have read, in our understanding it is used for 2-fa, we cannot organize dynamicid due to lack of resources, we are interested in the issue of blocking MAB users after entering the password incorrectly more than 3 times. Is there such functionality.</P> Wed, 03 Nov 2021 12:16:39 GMT https://community.checkpoint.com/t5/Mobile/Protecting-the-Mobile-Access-portal-from-password-brute-force/m-p/133129#M714 Arturxr 2021-11-03T12:16:39Z Re: Protecting the Mobile Access portal from password brute force https://community.checkpoint.com/t5/Mobile/Protecting-the-Mobile-Access-portal-from-password-brute-force/m-p/133131#M715 <P>Not for Legacy Auth with User/Password.</P> Wed, 03 Nov 2021 12:30:10 GMT https://community.checkpoint.com/t5/Mobile/Protecting-the-Mobile-Access-portal-from-password-brute-force/m-p/133131#M715 G_W_Albrecht 2021-11-03T12:30:10Z Re: Protecting the Mobile Access portal from password brute force https://community.checkpoint.com/t5/Mobile/Protecting-the-Mobile-Access-portal-from-password-brute-force/m-p/133132#M716 <P>it turns out that there is no such functionality?</P> Wed, 03 Nov 2021 12:33:18 GMT https://community.checkpoint.com/t5/Mobile/Protecting-the-Mobile-Access-portal-from-password-brute-force/m-p/133132#M716 Arturxr 2021-11-03T12:33:18Z Re: Protecting the Mobile Access portal from password brute force https://community.checkpoint.com/t5/Mobile/Protecting-the-Mobile-Access-portal-from-password-brute-force/m-p/133142#M717 <P>No - what we have is&nbsp;<SPAN>sk112454&nbsp;How to configure Rate Limiting rules for DoS Mitigation (R80.20 and higher), but here we talk about more than 1000 packets per second ;- ) This can be used to prevent&nbsp;password brute force attacks...</SPAN></P> Wed, 03 Nov 2021 14:14:20 GMT https://community.checkpoint.com/t5/Mobile/Protecting-the-Mobile-Access-portal-from-password-brute-force/m-p/133142#M717 G_W_Albrecht 2021-11-03T14:14:20Z