PHP Classes

Authen_DAP: Slow down attempts to guess login passwords

Recommend this page to a friend!
  Info   View files View files (3)   DownloadInstall with Composer Download .zip   Reputation   Support forum   Blog    
Ratings Unique User Downloads Download Rankings
StarStarStar 55%Total: 1,662 This week: 1All time: 2,364 This week: 560Up
Version License Categories
authen_dap 1.0GNU Lesser Genera...User Management, Security
Description 

Author

This offers protection against automated attempts to guess login passwords also known as dictionary attacks.

It works by logging failed access attempts and when necessary it blocks the access to users that have failed to login too many times, as it may be an attack of a cracker using a dictionary of common passwords trying guess the correct password with an automated script.

The class uses a shared memory storage access class to keep track of the failed login attempts of each user.

Innovation Award
PHP Programming Innovation award nominee
January 2005
Number 6
One the types of attacks to breach the security of systems is to attempt to guess the access passwords of the system users.

Usually, the attacker resorts to dictionaries of common passwords that users tend to use, and try them all until one succeeds. This brute force attack method is usually known as dictionary attack.

This class provides a solution to protect against dictionary attacks a site that require the users to authenticate to have access to restricted pages.

It keeps track of login attempts to the same account, disabling access to that account for a given period after a few consecutive failed attempts.

This way, dictionary attack attempts are discouraged as they may take a very very long to be successful.

Manuel Lemos
Picture of Craig Manley
Name: Craig Manley <contact>
Classes: 5 packages by
Country: The Netherlands The Netherlands
Age: ???
All time rank: 2317 in The Netherlands The Netherlands
Week rank: 411 Down9 in The Netherlands The Netherlands Down
Innovation award
Innovation award
Nominee: 4x

Details

Requires the class library IPC_SharedMem. Get it here: http://www.phpclasses.org/browse/package/2059.html See test/example script for usage.

  Files folder image Files  
File Role Description
Accessible without login Plain text file DAP.php Class The main class, based on an existing Perl class of mine.
Plain text file README.TXT Data Instructions
Accessible without login Plain text file tdap.php Example Example/test script for Authen_DAP.

Downloadauthen_dap-2005-01-09.zip 3KB
Downloadauthen_dap-2005-01-09.tar.gz
Install with ComposerInstall with Composer
Needed packages  
Class DownloadWhy it is needed Dependency
IPC Shared Memory Download .zip .tar.gz for shared memory Required
 Version Control Unique User Downloads Download Rankings  
 0%
Total:1,662
This week:1
All time:2,364
This week:560Up
 User Ratings  
 
 All time
Utility:81%StarStarStarStarStar
Consistency:81%StarStarStarStarStar
Documentation:-
Examples:68%StarStarStarStar
Tests:-
Videos:-
Overall:55%StarStarStar
Rank:1906