Ecommerce software home
Shopping Cart Software Forum for Ecommerce Templates
 
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
 Password:
Save Password
Forgot your Password?

Find us on Facebook Follow us on Twitter View our YouTube channel
Search our site
Forum Search
Google Site Search
Buy now for ...
How it works
General help
 All Forums
 Technical
 PHP (Unix / Linux / Apache) versions
 Password Lockout Best Practices
Author « Topic »  

pauld
Ecommerce Template Expert

USA
500 Posts

Posted - 10/09/2018 :  13:43:32  
We've learned that starting with v6.1 our users are allowed only a small number of failed login attempts until logins are disabled and we've got to upload a password reset file by FTP.

This isn't a huge issue if one of our admins is in the office with access to the system that has our FTP credentials, but could cause huge issues our fulfillment team if the admin is away from the office.

1. What is the maximum number of failed login attempts (and any other determining factors) allowed?
2. Is there any way to change this rule - say, to increase the number of failed attempts allowed?
3. Following the failed attempts, is login disabled for all Login Names in the Cart, or only the Login Name that had the failed attempts? In other words, is is possible for an admin with a different Login Name to login and reset the password of the locked account?
4. Can you suggest any other best practices to help avoid the scenario where we need to upload the reset file - which isn't always possible?

Thanks in advance.

- Paul D.

dbdave
ECT Moderator

USA
10468 Posts
Posted - 10/09/2018 :  14:14:22  
I know this doesn't directly answer your question, but with 15 people (employees here) we don't have this issue. The computer has a password and the admin password is stored by the browser so no password is required when assessing the admin.
Further, if my employees cannot remember their password day after day, I would question their ability to perform their job.

Have you tried to get to the bottom of why this is happening in the first place?

pauld
Ecommerce Template Expert

USA
500 Posts
Posted - 10/09/2018 :  14:18:56  
Dave, we use an outside fulfillment center, and many days the place is so busy that the employees can barely remember their own names, let alone all the logins for their different corporate clients.

Furthermore we wouldn't want our credentials stored in the browsers of computer terminals (say, in the shipping area) where everyone from truck drivers to janitorial staff have physical access.

dbdave
ECT Moderator

USA
10468 Posts
Posted - 10/09/2018 :  14:36:57  
Hi Paul, that does explain. A unique situation for sure.
I think it may be three attempts, but I expect Vince or Andy will be able to give you more details on that feature.

Andy
ECT Moderator

95440 Posts
Posted - 10/10/2018 :  01:06:29  
Hi Paul

Why not give users secondary logins and then you have the main (master) login - that way you can restrict users to particular pages and if somebody messes up it's only their own account affected.

Andy

Please feel free to review / rate our software
  « Topic »  
Jump To:
Shopping Cart Software Forum for Ecommerce Templates © 2002-2022 ecommercetemplates.com
This page was generated in 0.02 seconds. Snitz Forums 2000