Hi,
I had an issue with the firewall blocking a client whose password was changed and her phone kept trying to log in, triggering the bad login attempts. Since the firewall on the server changed, it took me a while to figure out that is what was happening.
I think the firewall should not have blocked her IP over the cell phone issue. If making a brute force attack, one would not use the same password over and over, so if the requests are not coming in fast enough to constitute a DoS attack, it should be recognized as not a malicious login failure.
I realize this would require the logging of the password being used, but distinguishing this situation seems like a worthy thing to do.
Am I mistaken?
LFD should recognize a non-malicious repeat login failure...
-
- Junior Member
- Posts: 8
- Joined: 26 Mar 2018, 21:59
Re: LFD should recognize a non-malicious repeat login failure...
If this could be detected properly somehow, that would be a huge improvement; however, I doubt it can be done (easily) technically.
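The distinction proposed in the first post, sketched as an added example; this is not LFD code and not from either poster. It assumes the authentication service can emit, per failed login, a keyed HMAC fingerprint of the attempted password (never the password itself); the record shape, function names and thresholds are hypothetical.

```python
import hashlib
import hmac
import os
from collections import defaultdict

# Assumption: key is held in memory by the auth service only, so logged
# fingerprints can be compared for equality but not brute-forced offline.
FP_KEY = os.urandom(32)

def fingerprint(user, attempted_password):
    """Keyed, per-user fingerprint of a failed attempt (hypothetical helper)."""
    msg = user.encode() + b"\0" + attempted_password.encode()
    return hmac.new(FP_KEY, msg, hashlib.sha256).hexdigest()[:16]

def classify(failures, window=300, max_fail=5, max_rate=1.0):
    """failures: (timestamp_s, ip, user, fp) tuples. Returns {ip: verdict}."""
    by_ip = defaultdict(list)
    for ts, ip, user, fp in failures:
        by_ip[ip].append((ts, user, fp))
    verdicts = {}
    for ip, events in by_ip.items():
        events.sort()
        latest = events[-1][0]
        recent = [e for e in events if latest - e[0] <= window]
        if len(recent) < max_fail:
            verdicts[ip] = "ok"
            continue
        users = {u for _, u, _ in recent}
        fps = {f for _, _, f in recent}
        rate = len(recent) / max(recent[-1][0] - recent[0][0], 1)
        # One account, one repeated wrong password, slow pace: stale saved
        # credential. Many passwords, many accounts (spraying) or a flood: block.
        if len(users) == 1 and len(fps) == 1 and rate <= max_rate:
            verdicts[ip] = "stale-credential"
        else:
            verdicts[ip] = "block"
    return verdicts

def sample_failures():
    """Constructed sample data using documentation IP ranges."""
    rows = []
    for t in range(8):
        rows.append((t * 30, "198.51.100.7", "alice", fingerprint("alice", "old-pass")))
        rows.append((t * 30, "203.0.113.9", "alice", fingerprint("alice", f"guess{t}")))
        rows.append((t * 30, "203.0.113.20", f"user{t}", fingerprint(f"user{t}", "Spring2024")))
    rows += [(t * 0.1, "192.0.2.55", "bob", fingerprint("bob", "same")) for t in range(20)]
    return rows
```

A "stale-credential" verdict is better handled by alerting the account owner than by silently ignoring the failures, since the same pattern also fits a single wrong guess replayed by a script.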