You know how there is a new option in phpBB2.2 that you can make a password protected forum?
Well I was wondering if a user just starts putting in fake passwords trying to see if he/she can get it will it log those attempts to get in anywhere? So maybe the admin can ban them?
Password forum questions...
Forum rules
Discussion of general topics related to the new release and its place in the world. Don't discuss new features, report bugs, ask for support, et cetera. Don't use this to spam for other boards or attack those boards!
Discussion of general topics related to the new release and its place in the world. Don't discuss new features, report bugs, ask for support, et cetera. Don't use this to spam for other boards or attack those boards!
-
Jackal05
- Registered User
- Posts: 80
- Joined: Sat Oct 25, 2003 11:28 pm
- Location: Nowhere of nowhere
- Contact:
Password forum questions...
"There are two groups of people, the hunters and the hunted."
-Anonymous
[ My Home | http://www.jackaldesigns.com/ ]
[ Current Project | http://www.jackaldesigns.com/Projects/G ... /index.php ]
-Anonymous
[ My Home | http://www.jackaldesigns.com/ ]
[ Current Project | http://www.jackaldesigns.com/Projects/G ... /index.php ]
Re: Password forum questions...
What if you want to have a 'guess the password' game? 
Good question though, the user should lose permission to view the forum, similar with multiple failed log-in attempts banning an IP or such.
Good question though, the user should lose permission to view the forum, similar with multiple failed log-in attempts banning an IP or such.
Images in sigs! please.
Re: Password forum questions...
You cannot ban any and all IP's in that way, not for any length of time anyway ... for what should be obvious and oft repeated reasons. I am still considering whether to include a failure limit for wrong (user) passwords. My major concern is (and yes obviously it'll be admin defined) what happens when you get Mr. Idiot going through the memberlist maxing out password retry limits for a bunch of users ... I can imagine a lot of very annoyed users contacting admins asking why they have to reactivate their accounts.
Re: Password forum questions...
Or even locking the Admins out!
"It's a fiction like all history, it's been distorted until it makes sense" - Andy Yorke
-
Jackal05
- Registered User
- Posts: 80
- Joined: Sat Oct 25, 2003 11:28 pm
- Location: Nowhere of nowhere
- Contact:
Re: Password forum questions...
So oing back at the subject about password protected forums currently will it log any failed attempts to get it? yes or no? If no will this ever be a feature?psoTFX wrote:You cannot ban any and all IP's in that way, not for any length of time anyway ... for what should be obvious and oft repeated reasons. I am still considering whether to include a failure limit for wrong (user) passwords. My major concern is (and yes obviously it'll be admin defined) what happens when you get Mr. Idiot going through the memberlist maxing out password retry limits for a bunch of users ... I can imagine a lot of very annoyed users contacting admins asking why they have to reactivate their accounts.
"There are two groups of people, the hunters and the hunted."
-Anonymous
[ My Home | http://www.jackaldesigns.com/ ]
[ Current Project | http://www.jackaldesigns.com/Projects/G ... /index.php ]
-Anonymous
[ My Home | http://www.jackaldesigns.com/ ]
[ Current Project | http://www.jackaldesigns.com/Projects/G ... /index.php ]
Re: Password forum questions...
What about a revalidation mail ???
Advantage:
- Secured
- Doesn't take time
- Really check if it's a good/wrong user ...
Advantage:
- Secured
- Doesn't take time
- Really check if it's a good/wrong user ...