From ec4a099f182629d86a7421af7d4899a655be684e Mon Sep 17 00:00:00 2001 From: 0livd Date: Sun, 20 Aug 2017 12:37:12 +0200 Subject: Protect admin endpoints against brute force attacks (#249) * Protect admin endpoints against brute force attacks Add a throttling mechanism to prevent a client brute forcing the authentication form, based on its ip address Closes #245 * Reset attempt counters if they get memory hungry --- ihatemoney/translations/fr/LC_MESSAGES/messages.mo | Bin 8425 -> 8629 bytes ihatemoney/translations/fr/LC_MESSAGES/messages.po | 12 ++++++++---- 2 files changed, 8 insertions(+), 4 deletions(-) (limited to 'ihatemoney/translations') diff --git a/ihatemoney/translations/fr/LC_MESSAGES/messages.mo b/ihatemoney/translations/fr/LC_MESSAGES/messages.mo index 210852b..2f46b71 100644 Binary files a/ihatemoney/translations/fr/LC_MESSAGES/messages.mo and b/ihatemoney/translations/fr/LC_MESSAGES/messages.mo differ diff --git a/ihatemoney/translations/fr/LC_MESSAGES/messages.po b/ihatemoney/translations/fr/LC_MESSAGES/messages.po index 0f3339e..65c295d 100644 --- a/ihatemoney/translations/fr/LC_MESSAGES/messages.po +++ b/ihatemoney/translations/fr/LC_MESSAGES/messages.po @@ -163,13 +163,17 @@ msgid "Export file format" msgstr "Format du fichier d'export" #: web.py:95 -msgid "This admin password is not the right one" -msgstr "Le mot de passe administrateur que vous avez entré n'est pas correct" - -#: web.py:95 msgid "This private code is not the right one" msgstr "Le code que vous avez entré n'est pas correct" +#: web.py:106 +msgid "This admin password is not the right one. Only %(num)d attempts left." +msgstr "Le mot de passe administrateur que vous avez entré n'est pas correct. Plus que %(num)d tentatives." + +#: web.py:106 +msgid "Too many failed login attempts, please retry later." +msgstr "Trop d'échecs d'authentification successifs, veuillez réessayer plus tard." + #: web.py:147 #, python-format msgid "You have just created '%(project)s' to share your expenses" -- cgit v1.1