Enhance Web Admin Login Security On Balance Devices


#1

On Balance devices at the ‘System --> Admin Security --> Admin Settings’ page, it would be nice to see a setting that says something like, “After 6 consecutive failed Web Admin login attempts from a WAN port, allow no more Web Admin login attempts from the WAN for 3 hours.” This would help to ward off brute force password attacks.

It might also be ideal to be able to change the administrator username from “admin” to something custom. I realize this can sort of be done currently by implementing a RADIUS server, but it would be nice to be able to do it without a RADIUS server.

Finally, it would be useful to have a setting that will make the Balance email a notification to a particular address upon all failed Web Admin login attempts, although I realize that suggestion was already posted on this forum last year.


#2

Good features.