CLM 6.0.2 - CAPTCHA in login screen after few unsuccesfull login attempts
Hello ,
We have setup CLM 6.0.2 which is available through internet so that it would be accessible for our suppliers as well.
We would like to know at the login screen of jazz if it would be possible to have a CAPTCHA after few failed login attempts.
Reason being jazz allows a user to login even after 100 failed attempts therefore the login form seems to be susceptible to password-guessing attacks.
For authentication we are using ISDS V6.4 (Tivoli directory server) standalone LDAP registry. Now I checked the password policy settings here and it is possible to lock the user's account after few failed attempts however the error message at the login screen would still show invalid user id/password which is not much of help.
Please provide your thoughts if CAPTCHA could be enabled on the jazz login form.
Thanks,
Vishnu M
Accepted answer
Hello,
It is not possible to customize the login screen and for many reasons a enhancement request was refused a long time ago.
So, you can't add a CAPTCHA to your login page, but maybe you can try a new enhancement request.
However, you can put a little bit more security over your installation if you use some network level solution, for exemple a VPN.