Validate Username and password without lockout upon failed attempts

-1
I would like to verify a user’s username and password without the side effect of locking out the user after a number of failed attempts. The code would be protected so that this would not open up a brute force attack. The information that I have seen on com.mendix.core.Core is not clear as to which methods result in a lockout situation and which ones do not.  Can anyone point me to more information about how this might be done? Thanks.
asked
1 answers
1

Using the authenticate method would probably work in your case:

public static boolean authenticate(IContext context,
                                   IUser user,
                                   java.lang.String password)
                            throws CoreException

To prevent brute force attacks you could try to implement one of the the ReCaptcha widgets from the appstore

answered