Displaying captcha after 3 failed login attempts
1,040 views
Skip to first unread message
GohanRay
Oct 25, 2010, 2:32:23 AM10/25/10
to Devise
Is there a way to use devise to keep track of the number of failed
login attempts within a short time period like 15 mins and if it
exceeds 3 attempts, display captcha (ReCaptcha) from the 4th attempt
onwards without locking the account ?
login attempts within a short time period like 15 mins and if it
exceeds 3 attempts, display captcha (ReCaptcha) from the 4th attempt
onwards without locking the account ?
TJ
Oct 25, 2010, 2:18:52 PM10/25/10
to Devise
I think you should be able to use the lockable module with
lock_strategy set to :failed_attempts and unlock_strategy set to :none
meaning you'll handle it manually, but instead of trying to lock the
account, just use the failed_attempts field to determine when to show
the captcha.
lock_strategy set to :failed_attempts and unlock_strategy set to :none
meaning you'll handle it manually, but instead of trying to lock the
account, just use the failed_attempts field to determine when to show
the captcha.
GohanRay
Oct 26, 2010, 7:04:16 AM10/26/10
to Devise
Thanks.. It works.. We used the automatic locking itself, but set the
maximum number of attempts to 1/0.0 (Infinity)... And then we display
captcha on per-user basis whose failed attempts exceed 3.. The best
part is that the failed attempts for a user is reset to zero once the
user successfully logs in,.. :-) :-)
Regards,
GohanRay
maximum number of attempts to 1/0.0 (Infinity)... And then we display
captcha on per-user basis whose failed attempts exceed 3.. The best
part is that the failed attempts for a user is reset to zero once the
user successfully logs in,.. :-) :-)
Regards,
GohanRay
Reply all
Reply to author
Forward
0 new messages