Many failed login notifications
Dec 28, 2013 | 8:40 am
#1
Original Poster
Original Member
Join Date: May 1998
Location: DCA
Posts: 172
Many failed login notifications
Over the last 5 or 6 days, I've received more than 20 email messages from FlyerTalk's system, all with the same message:
That's not an IP address I've ever used, and this many failed attempts (more than 100 in total, if the messages are correct) suggests that it's not just someone making a mistake. So I'm guessing that this is a deliberate attempt to hack into my FT account. Is anyone else getting similar messages? I'm wondering if it's targeting my account specifically, or if it's targeting many FT accounts.
Also, I'd suggest modifying the system to lock out a given IP address for a longer period of time (or perhaps even permanently) after this many failed attempts. That'd improve security (and would keep me from getting so many emails about failed logins).
Dear roberton,
Someone has tried to log into your account on FlyerTalk Forums with an incorrect password at least 5 times. This person has been prevented from attempting to login to your account for the next 15 minutes.
The person trying to log into your account had the following IP address: 199.15.233.164
All the best,
FlyerTalk Forums
Someone has tried to log into your account on FlyerTalk Forums with an incorrect password at least 5 times. This person has been prevented from attempting to login to your account for the next 15 minutes.
The person trying to log into your account had the following IP address: 199.15.233.164
All the best,
FlyerTalk Forums
That's not an IP address I've ever used, and this many failed attempts (more than 100 in total, if the messages are correct) suggests that it's not just someone making a mistake. So I'm guessing that this is a deliberate attempt to hack into my FT account. Is anyone else getting similar messages? I'm wondering if it's targeting my account specifically, or if it's targeting many FT accounts.
Also, I'd suggest modifying the system to lock out a given IP address for a longer period of time (or perhaps even permanently) after this many failed attempts. That'd improve security (and would keep me from getting so many emails about failed logins).
Jan 1, 2014 | 3:21 pm
#2
Join Date: Apr 2007
Location: SEA
Programs: AS MVPG, MGM Rewards Gold, Hhonors ???, National Executive
Posts: 2,708
Always the same IP address?
This is the owner of that IP range: http://whois.arin.net/rest/customer/C03368060
Looks like it might be an individual, not a business. Perhaps IB can reach out to the internet provider & get this addressed? Or they can check their user logs and see if any other users regularly connect from this IP range to see if they can otherwise explain the reset attempt.
Agreed for sure that there needs to be an upper limit on the # of attempts that will be allowed. As far as the interval between attempts, they should implement a backoff timer.
This is the owner of that IP range: http://whois.arin.net/rest/customer/C03368060
Looks like it might be an individual, not a business. Perhaps IB can reach out to the internet provider & get this addressed? Or they can check their user logs and see if any other users regularly connect from this IP range to see if they can otherwise explain the reset attempt.