logo

The ConnectWise Control forum has moved to ConnectWise University! This forum has been locked and is in read-only mode. Click here for instructions on how to access the new forum.

Welcome Guest! You can not login or register.

Notification

Icon
Error

Options
Go to last post Go to first unread
Sean  
#1 Posted : Tuesday, May 20, 2014 3:31:27 PM(UTC)
Sean


Rank: Administration

Medals: Level 3: Shirt off your back! Received 25 Thanks!

Joined: 4/16/2010(UTC)
Posts: 441
Location: Raleigh

Thanks: 5 times
Was thanked: 38 time(s) in 33 post(s)
Quote:
One of my security engineers asked about how Screenconnect handles bruteforce login attempts. Does it have a lockout after several bad attempts?


Yes, that can be configured currently via the web.config. But in 4.4 which is available as a pre-release, we have added the following to the Admin Pages->Security:
Code:

MaxInvalidPasswordAttempts	
MinRequiredNonAlphanumericCharacters	
MinRequiredPasswordLength	
PasswordAttemptWindow	
PasswordStrengthRegularExpression
ScreenConnect Team

Users browsing this topic
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.