Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Arturxr
Explorer

Protecting the Mobile Access portal from password brute force

Is it possible to limit the number of password entry attempts on the Mobile Access portal?

For example, if a user enters an incorrect password 3 times, the user is blocked.

0 Kudos
7 Replies
G_W_Albrecht
Legend
Legend

Yes, that is possible, see the Mobile Access R81 Administration Guide - it does, however, depend on the used authentication type.

CCSE CCTE CCSM SMB Specialist
0 Kudos
Arturxr
Explorer

Please tell me the number of the item, I read the admin guide and did not find it

0 Kudos
G_W_Albrecht
Legend
Legend

Starting page 170 is User Authentication in Mobile Access. Here you select which kind of authentication should be used, and further steps are depending on it.

CCSE CCTE CCSM SMB Specialist
0 Kudos
Arturxr
Explorer

We have read, in our understanding it is used for 2-fa, we cannot organize dynamicid due to lack of resources, we are interested in the issue of blocking MAB users after entering the password incorrectly more than 3 times. Is there such functionality.

0 Kudos
G_W_Albrecht
Legend
Legend

Not for Legacy Auth with User/Password.

CCSE CCTE CCSM SMB Specialist
0 Kudos
Arturxr
Explorer

it turns out that there is no such functionality?

0 Kudos
G_W_Albrecht
Legend
Legend

No - what we have is sk112454 How to configure Rate Limiting rules for DoS Mitigation (R80.20 and higher), but here we talk about more than 1000 packets per second ;- ) This can be used to prevent password brute force attacks...

CCSE CCTE CCSM SMB Specialist
0 Kudos
Upcoming Events

    CheckMates Events