Hello,
I would like to suggest an optional switch that prevents brute force attacks:
Tar pits - After each successive failure to log in, the time for the next attempt increases.
Account lock - After a number of failed attempts, the account is locked for a period of time.
Access failure alert - An email is generated when a number of failed attempts take place.
Hope this helps.
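The three suggestions above, sketched together as an added example (not part of the original post and not the product's code). The class name, thresholds and the `notify` callback standing in for an email are all assumptions, and the counters are assumed to live wherever the password is verified.

```python
import time

class LoginThrottle:
    """Hypothetical per-account tar pit, lockout and failure alert."""

    def __init__(self, base_delay=1.0, max_delay=60.0, lock_after=5,
                 lock_seconds=900.0, alert_after=3, notify=print,
                 clock=time.monotonic):
        self.base_delay, self.max_delay = base_delay, max_delay
        self.lock_after, self.lock_seconds = lock_after, lock_seconds
        self.alert_after, self.notify, self.clock = alert_after, notify, clock
        self.state = {}  # account -> (failure count, time next attempt is allowed)

    def remaining(self, account):
        """Seconds until the next attempt is accepted for this account."""
        return max(0.0, self.state.get(account, (0, 0.0))[1] - self.clock())

    def attempt(self, account, verify):
        """verify() checks the credential; it is not called during a delay."""
        wait = self.remaining(account)
        if wait > 0:
            return "wait", wait
        if verify():
            self.state.pop(account, None)  # success clears the counter
            return "ok", 0.0
        failures = self.state.get(account, (0, 0.0))[0] + 1
        if failures >= self.lock_after:
            wait = self.lock_seconds  # account lock
        else:
            # tar pit: the delay doubles with each failure, up to max_delay
            wait = min(self.base_delay * 2 ** (failures - 1), self.max_delay)
        if failures == self.alert_after:
            self.notify(f"{failures} consecutive failed logins for {account}")
        self.state[account] = (failures, self.clock() + wait)
        return "denied", wait

def demo():
    """Constructed run: five bad passwords, then a good one after the lock."""
    now, alerts, results = [0.0], [], []
    throttle = LoginThrottle(notify=alerts.append, clock=lambda: now[0])
    for _ in range(5):
        results.append(throttle.attempt("alice", lambda: False))
        now[0] += results[-1][1]  # simulate waiting out the imposed delay
    results.append(throttle.attempt("alice", lambda: True))
    return results, alerts

if __name__ == "__main__":
    print(demo())
```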
Joel
March 12, 2020, 3:49pm
2
I like the first two suggestions. I can’t imagine email alerts would ever be available other than behind a paywall.
[reply=“Alan Bonnici;d1592”]
Hello Alan,
Thank you for suggesting it. From my side, I can promise to bring up those suggestions at our next Dev meeting, and maybe they will get onto the development roadmap.
[reply=“Joel;5659”]
Perhaps you are right, but there is a slight chance due to the fact that we use Amazon SES and this should be really hard to upkeep.
Joel
March 12, 2020, 8:06pm
4
[reply=“Sergey N;5662”]
I could have worded it differently. I really meant to say "If such a feature could be done at all, it would certainly be behind a paywall."
That is more of a TeamViewer kind of feature. I would hate to see this product turn into a TV clone rather than its own distinct product.
The other brute force resistant features I would think could strictly be implemented client side and fairly trivial to implement.
[reply=“Joel;5666”]
Well, this is exactly the case where one typo changes the whole point. Sorry Joel, I meant
and this shouldn’t be really hard to upkeep.