Post reply

Question regarding locking out a user after failed login attempts

  • January 25, 2010 at 2:03 pm

    #214881

    Hopefully I'm just not looking in the right place for this ...

    Is there no way to configure your database server to prevent a user from attempting to log in as many times as they want until they get the password correct?

    IE, right now it seems like I can just keep guessing passwords until one works. I'd like to make it so that after three consecutive failed login attempts, the user is locked out of the database server, preferrably by blocking them from that machine/IP.

  • January 25, 2010 at 2:30 pm

    #1108398

    yes, you need to turn enforce password policies, and then set them, or use windows authentication and let the domain handle it for you...

    Here's an article that should give you the basic idea...

    http://searchsqlserver.techtarget.com/news/article/0,289142,sid87_gci1102101,00.html

    To help us help you read this[/url]For better help with performance problems please read this[/url]

Viewing 2 posts - 1 through 1 (of 1 total)

You must be logged in to reply to this topic. Login to reply