Back to Community Threads
5
Display User Friendly Lockout Messages in Webmail
Idea shared by Ron Raley - 12/17/2018 at 9:31 AM
Under Consideration
Instead of one sinle generic message at the login prompt, I propose that the webmail user see something similar to this:

Too many login failures.  Your account has been locked. You can try again in X minutes/hours/days or contact Z.

Too many login failures with this IP address.  This IP address has been locked.  Please try again in X minutes/hours/days or contact Z.

Where X is the time parameters set within SmarterMail.
Where Z is an e-mail address set within SmarterMail.

Thank you for your consideration.
Ron

6 Replies

Reply to Thread
0
Yes .. and yes!!!
0
Andrea Free Replied
12/17/2018 at 1:04 PM
Employee Post
Hi Ronald, 

Thank you for the suggestion. I will forward this to the development team for their consideration. 
Andrea Free SmarterTools Inc. 877-357-6278 www.smartertools.com
2
I would think stating locked out is great but having the option to not stay time, etc. as I can see dumb hackers reading the screen and trying right after it expires.
0
Yeah, giving away your block times etc. doesnt seem like a great idea...
1
Matt Petty Replied
12/18/2018 at 7:41 AM
Employee Post
You generally got to be very careful of what info you relay back to the login page. Hackers could use any piece of information they see to validate their other data. If they know they are blocked, they can try with a different IP or try a different user in the mean time. If we keep telling them the exact same thing, they may not know they are blocked or that they are even hitting a valid email address. This can slow down serious attempts to bruteforce this information.
Matt Petty Software Developer SmarterTools Inc. (877) 357-6278 www.smartertools.com
0
We just need to be able to modify that message, we set up a personalized message. 
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

Contact Groups in WebmailSmarterMail > Desktop and Mobile Synchronization
Upgrading SmarterMail (Domain Conversion)SmarterMail > Installation and Configuration
Outlook (MAPI) encoding for some types of embedded filesSmarterMail > Desktop and Mobile Synchronization
"No Subject" or "No Sender" MessagesSmarterMail > Troubleshooting
Adding Delegates in eM Client (Windows and Mac)SmarterMail > Desktop and Mobile Synchronization