
Improve Default Admin Recovery Tooling

Open andrewpmartinez opened this issue 4 years ago • 2 comments

Add CLI tooling to recover/reset default admin.

andrewpmartinez avatar May 20 '21 19:05 andrewpmartinez

It feels dangerous to lock the default admin permanently. I assume the goal is to impede brute forcing the password, so a tarpit is sufficient to make brute forcing infeasible because the attempt rate is too slow for even a modest keyspace. How about five attempts and it's locked for 5 minutes?

qrkourier avatar Dec 14 '23 22:12 qrkourier

> It feels dangerous to lock the default admin permanently. I assume the goal is to impede brute forcing the password, so a tarpit is sufficient to make brute forcing infeasible because the attempt rate is too slow for even a modest keyspace. How about five attempts and it's locked for 5 minutes?

I believe this can be configured through the auth policy feature.

andrewpmartinez avatar Jul 03 '24 15:07 andrewpmartinez