Login attempts Administrator Warning!

How can we Administrators of ERPNext know that a user has tried more than 3/5 times to login and did not succeeded?
By checking the Authentication Log but why does not the system informs the Admin of the wrong attempts and lock the account for XXXX amount of time.

This should be a security concern.

1 Like


Can you raise the Github Issue for this ?

Will do so.

I have done.

Theres already an issue in place for this


Add a thumbs up to show interest.

1 Like

This the one I’ve opened and referenced yours too.

Did not see this one implemented on the new version 8.2 ?

Has this gotten any attention?
Or at least, I would like to know if there is any logfile in the system where the attempts are logged, and we could use Fail2Ban to block after certain number of attempts