Account lockout attack
aids facts africa [http://s1.shard.jp/olharder/autologous-cell.html longines conquest automatic ] [http://s1.shard.jp/losaul/limousine-hire.html motorhome travel in australia ] [http://s1.shard.jp/frhorton/q7wm62r24.html coverderm south africa ] page [http://s1.shard.jp/galeach/new197.html eurasian steppes ] [http://s1.shard.jp/bireba/antivirus-tests.html symantec norton antivirus 2005 full ] [http://s1.shard.jp/galeach/new35.html youthanasia lyrics ] [http://s1.shard.jp/losaul/palm-treo-australia.html unfair dismissal laws in australia ] [http://s1.shard.jp/olharder/auto-remer.html automotive axles ] [http://s1.shard.jp/frhorton/qtog167rl.html african book hunting ] [http://s1.shard.jp/bireba/anyware-antivirus.html ca etrust antivirus 2005 ] [http://s1.shard.jp/galeach/new26.html asian test scores ] symantic antivirus download [http://s1.shard.jp/frhorton/1kjwm4ocq.html african tribal music history ] [http://s1.shard.jp/losaul/australia-behringer.html building code of australia bca ] [http://s1.shard.jp/bireba/mac-antivirus.html win 64 antivirus ] [http://s1.shard.jp/frhorton/2i2g9o8vi.html african american books for children ] [http://s1.shard.jp/galeach/new47.html young asian shaved ] [http://s1.shard.jp/olharder/turn-off-automatic.html mechanics auto ] sitemap [http://s1.shard.jp/frhorton/jaqhtnv6f.html estate duty south africa ] [http://s1.shard.jp/bireba/download-best-antivirus.html 64bit antivirus software ] [http://s1.shard.jp/frhorton/8qgvhwuw2.html african chimera violet ] [http://s1.shard.jp/olharder/invicta-speedway.html automotive steering systems ] [http://s1.shard.jp/frhorton/4bgszojmg.html south africa airlines ] [http://s1.shard.jp/galeach/new107.html death euthanasia pro ] [http://s1.shard.jp/losaul/yamaha-motorcycle.html jobs western australia government ] [http://s1.shard.jp/frhorton/fhh2j9s8e.html african location tribe tribe ] [http://s1.shard.jp/bireba/norton-antivirus.html antivirus software for download ] [http://s1.shard.jp/olharder/colorado-auto.html american auto sales ] [http://s1.shard.jp/losaul/department-of-agriculture.html jlg boom lift+australia ] [http://s1.shard.jp/bireba/antivirus-windows.html ezantivirus reviews ] asianpictures [http://s1.shard.jp/frhorton/h4xwn2n8q.html african american church family ] [http://s1.shard.jp/losaul/australia-telescope.html australian plants society nsw ] webmap [http://s1.shard.jp/galeach/new115.html seeasians passwords ] [http://s1.shard.jp/bireba/escan-antivirus.html northon antivirus ] emmigrating australia [http://s1.shard.jp/galeach/new143.html anastasias closet ] [http://s1.shard.jp/olharder/art-auto-ltd.html building automation systems compatible with johnson controls ] [http://s1.shard.jp/galeach/new152.html asia.yahoo.com ] [http://s1.shard.jp/bireba/panda-online-antivirus.html norton antivirus 2005 does not support the repair feature ] [http://s1.shard.jp/galeach/new120.html asia management.com ship west ] [http://s1.shard.jp/olharder/subasta-de-autos.html automobile sound effects ] [http://s1.shard.jp/olharder/internet-auto-part.html hawaiian gardens auto repair ] [http://s1.shard.jp/galeach/new37.html asian pacific islander legal outreach san francisco ] [http://s1.shard.jp/galeach/new17.html ancient greece and asia minor ]
Last revision (mm/dd/yy): 05/29/2009
In an account lockout attack, the attacker attempts to lock out all user accounts, typically by failing login more times than the threshold defined by the authentication system. For example, if users are locked out of their accounts after three failed login attempts, an attacker can lock out their account for them simply by failing login three times. This attack can result in a large scale denial of service attack if all user accounts are locked out, especially if the amount of work required to reset the accounts is signficant.
- Account lockout attacks are used to exploit authentication systems that are susceptible to denial of service. A famous example of this type of attack is eBay's. eBay used to display the user id of the highest bidder (in the meantime they changed their way of working). In the final minutes of the auction, one of the bidders could try to log in as the highest bidder three times. After three incorrect log in attempts, eBay password throttling would kick in and lock out the highest bidder's account for some time. An attacker could then make their own bid and their victim would not have a chance to place a counter bid because they would be locked out. Thus an attacker could win the auction.
Related Threat Agents