Response Processors: Login Processor: Incident - Site Login Brute Force

Complexity: Medium (3.0)

Default Response: 1x = Slow Connection for 6 hours, 3x = Slow Connection & Break Authentication for 6 hours

Cause: The login processor is designed to protect the login dialog of the website. It works by monitoring all login attempts and identifying suspicious and malicious events. This specific incident is triggered when a user completes 16 or more login attempts, each with a different username.

Behavior: A common authentication attack is Brute Force. This attack involves submitting a large number of username and password combinations in an effort to identify users who have chosen weak passwords. This type of attack is extremely noisy and requires thousands of requests to execute.