Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

We should ratelimit Login (and register) requests more aggressively (SYN-559) #1452

Closed
matrixbot opened this issue Dec 21, 2015 · 1 comment
Closed

We should ratelimit Login (and register) requests more aggressively (SYN-559) #1452

matrixbot opened this issue Dec 21, 2015 · 1 comment
Assignees
@babolivier

Comments

@matrixbot
Copy link
Member

Submitted by @​matthew:matrix.org
As they chew bcrypt and provide an easy DoS vector. Plus we don't want people password attacking us anyway

(Imported from https://matrix.org/jira/browse/SYN-559)
@matrixbot matrixbot changed the title We should ratelimit Login requests more aggressively (SYN-559) We should ratelimit Login requests more aggressively (https://github.com/matrix-org/synapse/issues/1452) Nov 7, 2016
@matrixbot matrixbot changed the title We should ratelimit Login requests more aggressively (https://github.com/matrix-org/synapse/issues/1452) We should ratelimit Login requests more aggressively (SYN-559) Nov 7, 2016
@richvdh richvdh changed the title We should ratelimit Login requests more aggressively (SYN-559) We should ratelimit Login (and register) requests more aggressively (SYN-559) Feb 13, 2019
@richvdh richvdh mentioned this issue Feb 13, 2019
Closed
@babolivier babolivier self-assigned this Feb 19, 2019
@babolivier babolivier mentioned this issue Mar 6, 2019
Merged
@babolivier
Copy link
Contributor

babolivier commented Mar 18, 2019
edited
Loading

Fixed in #4735 and #4821

@aaronraimist aaronraimist mentioned this issue Mar 31, 2019
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@babolivier babolivier

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@babolivier @matrixbot