Re: "too many auth failures"?

To: Nicolas.Williams%oracle.com@localhost, pgut001%cs.auckland.ac.nz@localhost
Subject: Re: "too many auth failures"?
From: Peter Gutmann <pgut001%cs.auckland.ac.nz@localhost>
Date: Wed, 27 Oct 2010 18:40:09 +1300

Nicolas Williams <Nicolas.Williams%oracle.com@localhost> writes:

>My view is that servers should have two failure counters: one for password
>and keyboard-interactive, another one for all others.

Yeah, I'd thought about that too, but where do you stop?  Which counter type
would a ZKP use?  Or EKE?  Or IBE?

(I still think the real problem isn't the server but the client, how's it
managing to try six different keys to get to one server?).

Peter.

Follow-Ups:
- Re: "too many auth failures"?
  - From: der Mouse
- Re: "too many auth failures"?
  - From: Nicolas Williams

References:
- Re: "too many auth failures"?
  - From: Nicolas Williams

Prev by Date: Re: "too many auth failures"?
Next by Date: Re: "too many auth failures"?
Previous by Thread: Re: "too many auth failures"?
Next by Thread: Re: "too many auth failures"?
Indexes:

Home | Main Index | Thread Index | Old Index