Many failed login notifications
 

Over the last 5 or 6 days, I've received more than 20 email messages from FlyerTalk's system, all with the same message:

That's not an IP address I've ever used, and this many failed attempts (more than 100 in total, if the messages are correct) suggests that it's not just someone making a mistake. So I'm guessing that this is a deliberate attempt to hack into my FT account. Is anyone else getting similar messages? I'm wondering if it's targeting my account specifically, or if it's targeting many FT accounts.

Also, I'd suggest modifying the system to lock out a given IP address for a longer period of time (or perhaps even permanently) after this many failed attempts. That'd improve security (and would keep me from getting so many emails about failed logins).

Always the same IP address?

This is the owner of that IP range: http://whois.arin.net/rest/customer/C03368060

Looks like it might be an individual, not a business. Perhaps IB can reach out to the internet provider & get this addressed? Or they can check their user logs and see if any other users regularly connect from this IP range to see if they can otherwise explain the reset attempt.

Agreed for sure that there needs to be an upper limit on the # of attempts that will be allowed. As far as the interval between attempts, they should implement a backoff timer.

Yep, always the same address -- though it finally stopped around the time I posted the message here.