Display User Friendly Lockout Messages in Webmail
Idea shared by Ronald Raley - December 17, 2018 at 9:31 AM
Under Consideration
Instead of one sinle generic message at the login prompt, I propose that the webmail user see something similar to this:

Too many login failures.  Your account has been locked. You can try again in X minutes/hours/days or contact Z.

Too many login failures with this IP address.  This IP address has been locked.  Please try again in X minutes/hours/days or contact Z.

Where X is the time parameters set within SmarterMail.
Where Z is an e-mail address set within SmarterMail.

Thank you for your consideration.
Ron

6 Replies

Reply to Thread
0
Yes .. and yes!!!
0
Hi Ronald, 

Thank you for the suggestion. I will forward this to the development team for their consideration. 

Andrea Rogers
Customer Operations Manager
SmarterTools Inc.
877-357-6278

www.smartertools.com

2
I would think stating locked out is great but having the option to not stay time, etc. as I can see dumb hackers reading the screen and trying right after it expires.
0
Yeah, giving away your block times etc. doesnt seem like a great idea...

Christopher

1
You generally got to be very careful of what info you relay back to the login page. Hackers could use any piece of information they see to validate their other data. If they know they are blocked, they can try with a different IP or try a different user in the mean time. If we keep telling them the exact same thing, they may not know they are blocked or that they are even hitting a valid email address. This can slow down serious attempts to bruteforce this information.
Matt Petty
Software Developer
SmarterTools Inc.
(877) 357-6278
www.smartertools.com
0
We just need to be able to modify that message, we set up a personalized message. 

Reply to Thread