From: Remigiusz Sokolowski <>
Date: Thu, 11 Dec 2008 14:55:26 +0100
Message-ID: <1229003726.3469.77.camel@rems>


I wonder how do You deal with FAILED_LOGIN _ATTEMPTS issue in a day to day practice.
This part of profile is thought of as a countermeasure against "brute force" attacks on password, however dark side of it is a blocking an account.

Let's assume there is an evil insider, who blocks in this way accounts used by an application. Of course we can audit logins, find an enemy etc, but I would prefer to disable such possibility at all (because that means some completely authorized requests to fail).

The "ideal" solution to this issue would be to allow a client identified by IP to connect with for example only its own account or few chosen accounts.
Any thoughts?

Best regards


Remigiusz Sokolowski <>
pos  : DBA at DUSB
addr : Nordea Bank Polska SA, Luzycka 6A Street, 81-537 Gdynia, Poland
phone: +48 58 667 17 43

Nordea Bank Polska S.A. z siedziba w Gdyni, ul. Kielecka 2, 81-303 Gdynia wpisana do Rejestru Przedsiebiorców Krajowego Rejestru Sadowego pod numerem: 0000021828, dla której dokumentacje przechowuje Sad Rejonowy Gdansk – Pólnoc w Gdansku, VIII Wydzial Gospodarczy Krajowego Rejestru Sadowego, o kapitale zakladowym i wplaconym w wysokosci: 227.593.500,00 zlotych, NIP: 586-000-78-20, REGON: 190024711

-- Received on Thu Dec 11 2008 - 07:55:26 CST

Original text of this message