Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Enhancement]Lock account for timeout duration after failed login attempts #51948

Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

[Enhancement]Lock account for timeout duration after failed login attempts #51948

wants to merge 5 commits into from
+129 −3

Conversation

rohitrs1983
Copy link
Contributor

@rohitrs1983 rohitrs1983 commented Oct 15, 2024
edited
Loading

Lock account for timeout duration after failed login attempts

Why I'm doing:

What I'm doing:

Fixes #51917

$ mysql -h127.0.0.1 -P9030 -u jack -p
Enter password:
ERROR 1045 (28000): Access denied for user 'jack' (using password: YES)
$ mysql -h127.0.0.1 -P9030 -u jack -p
Enter password:
ERROR 1045 (28000): Access denied for user 'jack' (using password: YES)
$ mysql -h127.0.0.1 -P9030 -u jack -p
Enter password:
ERROR 5204 (HY000): Access denied for user 'jack'@'127.0.0.1'. Account is temporarily locked due to 3 consecutive failed logins.
$ mysql -h127.0.0.1 -P9030 -u jack -p
Enter password:
ERROR 5204 (HY000): Access denied for user 'jack'@'127.0.0.1'. Account is temporarily locked due to 3 consecutive failed logins.
$ mysql -h127.0.0.1 -P9030 -u jack -p
Enter password:
mysql>

What type of PR is this:

  • BugFix
  • Feature
  • Enhancement
  • Refactor
  • UT
  • Doc
  • Tool

Does this PR entail a change in behavior?

  • Yes, this PR will result in a change in behavior.
  • No, this PR will not result in a change in behavior.

If yes, please specify the type of change:

  • Interface/UI changes: syntax, type conversion, expression evaluation, display information
  • Parameter changes: default values, similar parameters but with different default values
  • Policy changes: use new policy to replace old one, functionality automatically enabled
  • Feature removed
  • Miscellaneous: upgrade & downgrade compatibility, etc.

Checklist:

  • I have added test cases for my bug fix or my new feature
  • This pr needs user documentation (for new or modified features or behaviors)
    • I have added documentation for my new feature or new function
  • This is a backport pr

Bugfix cherry-pick branch check:

  • I have checked the version labels which the pr will be auto-backported to the target branch
    • 3.3
    • 3.2
    • 3.1
    • 3.0
    • 2.5

@rohitrs1983 rohitrs1983 requested review from a team as code owners October 15, 2024 19:59
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
7 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@kevincai
Copy link
Contributor

@mergify rebase

@mergify Mergify
Copy link
Contributor

mergify bot commented Nov 25, 2024

rebase

✅ Branch has been successfully rebased

kevincai
kevincai reviewed Nov 25, 2024
View reviewed changes
Copy link
Contributor

@kevincai kevincai left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@rohitrs1983 what if the user account get locked and then never attempted for a long time. The failed record is not cleaned. May need to add periodic task to clean expired locks.

@rohitrs1983
Copy link
Contributor Author

@rohitrs1983 what if the user account get locked and then never attempted for a long time. The failed record is not cleaned. May need to add periodic task to clean expired locks.

@kevincai have fix the issue. i have added the cleanup mechanism as part of password validation process with a default cleanup timeout is 24h.

@rohitrs1983 rohitrs1983 requested a review from kevincai December 7, 2024 07:30
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Dec 7, 2024

Quality Gate Passed Quality Gate passed

Issues
9 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@rohitrs1983 rohitrs1983 requested a review from kevincai January 19, 2025 11:27
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
7 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@github-actions GitHub Actions
Copy link

[Java-Extensions Incremental Coverage Report]

pass : 0 / 0 (0%)

@github-actions GitHub Actions
Copy link

[BE Incremental Coverage Report]

pass : 0 / 0 (0%)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kevincai kevincai Awaiting requested review from kevincai

At least 2 approving reviews are required to merge this pull request.

Assignees

@rohitrs1983 rohitrs1983

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Database password anti-brute force cracking
2 participants
@rohitrs1983 @kevincai