improving the security of Authentication process

reza.mirzaie68's picture

Dear All,
I have an idea about improving the security of Authentication process. when someone wants to login to Bonita portal, we make a brief history. if he put his username and password wrongly for three times, the software ban that user for example for one or two minutes. in order to improve security, we can email a new password to that user.
is it possible implement this idea in Bonita Authentication manager?


Submitted by Sean McP on Tue, 10/04/2016 - 23:49

As a base platform I agree with the principle of having a reset password function from the login screen. And agree this should be provided as part of the basic Community software up.

Regarding lock-out I don't believe that is practical in Community,

So For Bonitasoft - Please add a Reset Function to the Login-Screen.


Submitted by reza.mirzaie68 on Thu, 10/06/2016 - 15:45

ok, How can we implement this feature in Bonita Community7.3.0? Do you have any idea or any sample code?

Submitted by g.lapierre on Fri, 03/03/2017 - 11:42

Since you can implement your own authentication manager, you can implement lock out easily provided you have a way to store failed login attempts. I used a custom authentication manager to use LDAP login in community edition!