Page MenuHomePhabricator
Differential D8911

Rate limit multi-factor actions
ClosedPublic
Actions

Authored by epriestley on Apr 30 2014, 4:21 PM.
Tags
None
Referenced Files
F19940511: D8911.id21146.diff
Wed, Apr 15, 2:38 AM
F19914587: D8911.id21167.diff
Fri, Apr 3, 1:00 PM
F19891090: D8911.id.diff
Thu, Mar 26, 11:23 PM
F19848311: D8911.id21146.diff
Mar 12 2026, 7:00 PM
F19840937: D8911.id21146.diff
Mar 11 2026, 8:03 PM
F19840930: D8911.id21146.diff
Mar 11 2026, 8:03 PM
F19668293: D8911.diff
Feb 7 2026, 6:36 PM
F19524295: D8911.diff
Jan 17 2026, 11:38 PM
View All Files
Subscribers
epriestley

Details

Reviewers
btrahan
Maniphest Tasks
T4398: Implement two-factor authentication
Commits
Restricted Diffusion Commit
rP23e654ec2bc8: Rate limit multi-factor actions
Summary

Ref T4398. Prevent users from brute forcing multi-factor auth by rate limiting attempts. This slightly refines the rate limiting to allow callers to check for a rate limit without adding points, and gives users credit for successfully completing an auth workflow.

Test Plan

Tried to enter hisec with bad credentials 11 times in a row, got rate limited.

Diff Detail

Repository
rP Phabricator
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

epriestley updated this revision to Diff 21146.Apr 30 2014, 4:21 PM
epriestley retitled this revision from to Rate limit multi-factor actions.
epriestley updated this object.
epriestley edited the test plan for this revision. (Show Details)
epriestley added a reviewer: btrahan.
epriestley added a task: T4398: Implement two-factor authentication.
Herald added a subscriber: epriestley. · View Herald TranscriptApr 30 2014, 4:21 PM
Harbormaster completed remote builds in B143: Diff 21146.Apr 30 2014, 4:22 PM
btrahan accepted this revision.Apr 30 2014, 6:32 PM
btrahan edited edge metadata.
This revision is now accepted and ready to land.Apr 30 2014, 6:32 PM
epriestley closed this revision.Apr 30 2014, 9:30 PM
epriestley updated this revision to Diff 21167.

Closed by commit rP23e654ec2bc8 (authored by @epriestley).

Revision Contents
Changeset List

PathSize
resources/
celerity/
8 lines
src/
2 lines
applications/
auth/
action/
21 lines
engine/
22 lines
system/
engine/
56 lines

Diff 21167

View Options

resources/celerity/map.php

Loading...
View Options

src/__phutil_library_map__.php

Loading...
View Options

src/applications/auth/action/PhabricatorAuthTryFactorAction.php

Loading...
View Options

src/applications/auth/engine/PhabricatorAuthSessionEngine.php

Loading...
View Options

src/applications/system/engine/PhabricatorSystemActionEngine.php

Loading...
Phabricator · Built by Phacility