Brute Force Attack By API Or Login Page

Report · Sep 04, 2020

Hi
I have a security question
When a hacker intends to attack Brute-force, he can easily call all users with the wrong password by placing a simple loop, and after 5 times, the account will be deactivated for a period while. This is one of the new system security policies!

"If a user incorrectly enters a password five (5) times, the account is locked out for five (5)
minutes and the user is notified by email that the account has been temporarily suspended."

How can these attacks be prevented?
The Brute-force solution all over the world is captcha codes. Is it possible to add captcha or another solution?

I need your idea and solutions

Thanks in advance

Report · Sep 06, 2020

Is there anybody here?

I do not believe why no one answers my question?
How to unblock users? I mean lots of users?

Report · Sep 07, 2020

Hi Mahmood,

Yes, we have 2 step verification that you can use to strengthen the security of your account, it is much better than captcha and re-captcha.

You can set up two-step verification (also known as two-factor authentication or 2FA). Once you set up two-step verification, a verification code is required to sign in to your Adobe account before you enter your Adobe ID password. You can choose to receive this code on your email address or mobile phone, or an authenticator app.

For more details, please refer to the following help document: https://helpx.adobe.com/x-productkb/global/2-step-verification-account-security.html.

Hope this helps.

Report · Sep 08, 2020

Thank you very much.

But I want to know how can I enable google captcha in the Adobe Connect system?

Please guide me

Report · Sep 09, 2020

Hi Mahmood,

Would you mind telling us your use case? is prevention of Brute Force/SQL injection attack the only case?

Do you want to create a login page with captcha auth, after which a user can be granted access to Adobe Connect recording/live session?

Do you want to use custom captcha APIs before Adobe Connect integration?

If you can let me know a few details, I can ask someone from the Connect team to get in touch with you.

Thanks,

Saurav

Report · Sep 11, 2020

Yes, exactly a hacker can lock or block all user accounts in the current system by inserting a loop and sending a login command 5 times.
I want to stop this. One way is to put captcha on the login page.
Another way to disable the API login service

Report · Sep 09, 2020

This Link may help - https://arastta.org/docs/how-to/how-to-enable-google-recaptcha

Report · Sep 11, 2020

It is not useful for my problem because I don't know how can I edit the login page!

And my question is, is there any option in the Adobe Connect system for enabling captcha?

Report · Sep 13, 2020

We don't have any way of enabling CAPTCHA however you can enable two step verification for all users.

https://helpx.adobe.com/in/x-productkb/global/2-step-verification-account-security.html

Adobe Community

Brute Force Attack By API Or Login Page

1 Correct answer