Simple brute-force prevention (account locking) for Flow
This package provides simple brute-force prevention (account locking) for Neos/Flow.
A notification email can be send to an administrator when an account has been locked.
Compatible with Neos 3.x + 4.x / Flow 4.x + 5.x
Be aware that there are ways to circumvent this protection and it can be misused, see Blocking Brute Force Attacks for more information.
Note that the threshold is disabled in development context by default. To override it, create a
configuration file inside a
Development folder inside a
composer require "aertmann/brute-force:~2.0"
Failed attempts threshold and notification mail can be configured in