You are not logged in.
- Topics: Active | Unanswered
#1 2019-07-05 10:07:26
- Rayleigh
- Member
- Registered: 2019-07-04
- Posts: 7
How to effectively enforce a delay after a failed login attempt?
After following exactly what wiki says here: https://wiki.archlinux.org/index.php/Se … in_attempt
auth optional pam_faildelay.so delay=20000000
I have the following problem. When I hit the wrong password the delay starts "counting" as expected but, by hitting "esc" I can then re-enter my password without having to wait for the delay to finish. Is this normal? In any case, what should I do, to effectively enforce the delay?
Offline
#2 2019-07-05 12:23:52
- seth
- Member
- From: Don't DM me only for attention
- Registered: 2012-09-03
- Posts: 74,257
Re: How to effectively enforce a delay after a failed login attempt?
idk what that even is - any reason you're not using "man pam_tally"? (In particular deny and un|lock_time)?
Online
#3 2019-07-05 13:58:07
- Rayleigh
- Member
- Registered: 2019-07-04
- Posts: 7
Re: How to effectively enforce a delay after a failed login attempt?
This is the first time I've heard of it. I'm gonna try configure it (pam_tally2) tonight and I' ll make sure to update the post. Thanks!
Offline
#4 2019-07-05 19:03:30
- Rayleigh
- Member
- Registered: 2019-07-04
- Posts: 7
Re: How to effectively enforce a delay after a failed login attempt?
Well after paying attention I realized that I do know pam_tally2 and am actually using it, not to enforce delay after a login attempt, but rather to lockout a user after x failed login attempts. Maybe I can do both I'll check.
Last edited by Rayleigh (2019-07-05 19:07:27)
Offline
#5 2019-07-05 19:08:12
- seth
- Member
- From: Don't DM me only for attention
- Registered: 2012-09-03
- Posts: 74,257
Re: How to effectively enforce a delay after a failed login attempt?
Edit on edit
What exactly are you looking for then (and why don't you use tally to enforce the delay)?
Last edited by seth (2019-07-05 19:08:49)
Online