Compatible with DokuWiki
Install the plugin using the Plugin Manager and the download URL above, which points to latest version of the plugin. Refer to Plugins on how to install plugins manually.
This plugin adds a login delay feature similar to mobile devices. If a user enters a wrong password a few times in a row within a given period, they will be forced to wait before trying again.
A further failure will double the length of the required delay.
The plugin may help prevent brute force attacks. It does not provide any additional security measures.
The default configuration is 2 allowed failed attempts in 5 minutes. Both values can be adjusted.
The source code of the plugin is available at GitHub: cosmocode/dokuwiki-plugin-logindelay.
Please refer to the Issue Tracker for reporting issues.
I have a few questions about how this plugin work.
In Configurations settings, there are 2 variables: - maxFailures is the amount of attempts before the delay is imposed on the user that tries to log in. Right? - initialDelay is the length of the delay (in minute) after the number of failed attempts defined by the above variable. By default maxFailures is 2 and initialDelay is 5 minutes. So if a user fails to login twice, then they must wait 5 minutes before they can try to log in again, right? If they fail again then they must wait 10 minutes1), right?
What about if they fail again? will they have to wait 20 minutes, then 40, then 80 and so on?
How do you define the amount of time between 2 login failures to be considered consecutive? if they fail to log in once a day every day, will the delay be imposed on the 3rd day? Thanks :)