DO Ideas 2

Web Login Attempt Failure Notifications

A security feature I've really liked at another VPS provider (slicehost) is on the account admin area of their website there's a security setting section where you can elect to be notified if someone has unsuccessfully tried to login to your account via the website.

It sends a notification email with the persons IP and failed login attempt. Also after a few unsuccessful attempts locks the account for a set amount of time.

These notifications are a nice feature so you're in the loop if someones trying to access your account.

  • David Coleman
  • Sep 11 2018
  • Shipped
  • Sep 11, 2018

    Admin Response

    You can now find your security history under the settings portion of the control panel. There we display successful and failed login attempts as well as other security related account information. Thanks!
  • Attach files
  • Moisey Uretsky commented
    September 11, 2018 19:54

    We've integrated two-factor auth into the new CP that we will be deploying soon and in addition we will be adding user login logs which will track all successful and attempted logins for your accounts.

    Thanks!

  • David commented
    September 11, 2018 19:54

    Any update on this? Seems like we can secure our servers as much as we want, but there's a huge backdoor hole that is the DO website.

    If I do a update password / change my email / etc I should get an alert email alert that this event has taken place as well.

  • Elliott Cutright commented
    September 11, 2018 19:54

    Any update on where this stands? This is a common feature on almost all of your competitors and what I would consider a critical security feature.

  • Moisey Uretsky commented
    September 11, 2018 19:54

    Hi David,

    That's a great suggestion and we will definitely look into implementing that in our road-map.

    Thanks