Password Protection

The isapi authentication filter implements several mechanisms to ensure the proper use of passwords. Both the speed and network source of password attempts is monitored. High speed multiple attempts are interpreted as being sourced from automated password cracking and password hurler programs. Multiple attempts from multiple network sources are interpreted as sourced by password cracking, password hurling or password sharing. Correct attempts by multiple network sources are interpreted as being sourced by password sharing by multiple unauthorised users.

In each of these cases, the isapi authentication filter takes defensive measures and alerts the system administrator. These defensive measures include disabling accounts and locking out specific network sources. Persistent abusers are blacklisted.


Protection Scope
Account and Password Lockout
table of contents
full printable document





password protection ...
... industrial strength
distributed password protection
iis basic authentication
iis digest authentication

copyright(c) 2003
all rights reserved

design -