Reputation: 3232
MySql 5.7. lock account after too many failed attempts
is there really no "build in" way to lock an mysql account (I use 5.7.15 on Debian) after a configured number of failed login attempts?
Upvotes: 1
Views: 2561
Answers (1)
Reputation: 77916
is there really no "build in" way to lock an mysql account
Not that I know off but you can get it done using application logic. That's: have a bit column named IsLocked bit and a RetryCount INT column. In your, application, check if it's subsequent login attempt and if it's then increase the RetryCount column.
Once, RetryCount column reaches to 3 (per your need) update the table set IsLocked column to true.
So, any login attempt after that; just check if the IsLocked column is true and if yes then deny the login and throw validation error message to end user.
Upvotes: 0
Related Questions
- How to handle locked accounts in MySQL
- How to Lock a user's account in MySQL 5.7?
- Mysql stuck in an expired password loop
- Prevent MySQL login with empty password
- Limiting the number of failed login attemps
- User cannot use his last five passwords
- blocking login after X failed attempts
- Auto-Discourage MySQL brutforce login attempts
- PHP - Stop Concurrent User Logins
- Limiting login tries to protect from BFA's