2009-03-07, 11:46 AM
I have looked high and low for an option to have admincp count failed logins and lockout or at the very least send a warning email or log the intrusion attempt but I don't see any such option. Is there such an option available? Or a mod available for it?
I can understand why admincp would not have failed logins lockout (assuming it doesn't), since it wouldn't be a good idea to lock out an admin, but rather than not have that option at all and leaving it open to bruteforcing, is it possible to have an additional security level if there has been a lockout?
For example, if there is a failed login lockout, the admin would have to say enter a 'master password' as well as the regular password before getting in, or click on a link in the email or maybe upload a file with a specified random character name to a certain directory via ftp to unlock the system or alternatively just wait the 15minutes to gain access.
Of course all the above is moot if there is the option that I have overlooked
Oh yeah, lastly, new user to MyBB after extensively looking at other boards and glad to say I'm going with MyBB and lovin it
I can understand why admincp would not have failed logins lockout (assuming it doesn't), since it wouldn't be a good idea to lock out an admin, but rather than not have that option at all and leaving it open to bruteforcing, is it possible to have an additional security level if there has been a lockout?
For example, if there is a failed login lockout, the admin would have to say enter a 'master password' as well as the regular password before getting in, or click on a link in the email or maybe upload a file with a specified random character name to a certain directory via ftp to unlock the system or alternatively just wait the 15minutes to gain access.
Of course all the above is moot if there is the option that I have overlooked
Oh yeah, lastly, new user to MyBB after extensively looking at other boards and glad to say I'm going with MyBB and lovin it