Failed Login Throttling Adjustment
Posted: 2010-08-03 16:36
Hello,
I am investigating Filezilla as a possible solution for my ftp needs and have a question about the failed login delay. I tested this feature by intentionally logging in to the server incorrectly about a dozen times and the delay did not seem to get above 5 seconds with me hitting the connect button as soon as the previous one failed. I also did not notice a difference in how long the system was taking to authenticate my credentials with each attempt.
My question is, does the delay for this feature max out at 5 seconds? While I understand a 5 second delay frustrates a brute force attack, I would feel better if the maximum delay time was significantly higher than it is. If the delay is a factor of how long it takes to authenticate rather than the initialization, I suppose I just may not be noticing it. And of course, I suppose it's possibly my attempts simply don't behave closely enough to an automation to trigger the serious delays. If there is a limit to the maximum delay, is there a way to adjust it?
Thank you for your time and help.
I am investigating Filezilla as a possible solution for my ftp needs and have a question about the failed login delay. I tested this feature by intentionally logging in to the server incorrectly about a dozen times and the delay did not seem to get above 5 seconds with me hitting the connect button as soon as the previous one failed. I also did not notice a difference in how long the system was taking to authenticate my credentials with each attempt.
My question is, does the delay for this feature max out at 5 seconds? While I understand a 5 second delay frustrates a brute force attack, I would feel better if the maximum delay time was significantly higher than it is. If the delay is a factor of how long it takes to authenticate rather than the initialization, I suppose I just may not be noticing it. And of course, I suppose it's possibly my attempts simply don't behave closely enough to an automation to trigger the serious delays. If there is a limit to the maximum delay, is there a way to adjust it?
Thank you for your time and help.