rhino/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2026-03-22 17:59:20 -07:00
Code Issues Packages Projects Releases Wiki Activity

Updated Hardening Guide (WIP) (markdown)

Kjeld Schouten-Lebbing
2020-01-29 16:39:46 +01:00
parent 71cefc7e9b
commit 8569619a05
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
Hardening-Guide-(WIP).md

@@ -16,4 +16,6 @@ bitwarden_rs displays password hints on the login page to accommodate small/loca
## SMTP hardening
## Brute-force mitigation
## Brute-force mitigation
When two-factor-authentication is not in use, it is (in theory) possible to brute-force user passwords and thus gain access to their account. One, relatively easy, way to mitigate this, is setting up fail2ban which blocks ipadresses after too many failed login attempts. However: Care should be taken when using this behind multiple reverse-proxies (such as cloudflare).
See: [[Fail2Ban Setup|Fail2Ban Setup]]