Portainer wrong password input timeout should be add.

[myagizmaktav]

Is your feature request related to a problem? Please describe

I have access to Portainer in the public domain. However, I've noticed that when I enter multiple incorrect passwords simultaneously, it doesn't trigger a timeout. This means I could potentially script an attack to repeatedly attempt to break the password without any barrier.

Describe the solution you'd like

I would like the Portainer interface to implement a timeout mechanism that activates after a certain number of consecutive incorrect password attempts. This would prevent malicious actors from scripting brute-force attacks to break into the system. Additionally, it would enhance security by adding an extra layer of protection against unauthorized access.

Describe alternatives you've considered

An alternative solution could involve implementing rate limiting for password attempts within Portainer. This approach would limit the number of login attempts a user can make within a specific timeframe, reducing the effectiveness of brute-force attacks while still allowing legitimate users to access the system. Additionally, integrating multi-factor authentication (MFA) could provide an extra layer of security by requiring users to verify their identity through an additional method, such as a one-time code sent to their mobile device. This would further mitigate the risk of unauthorized access even if an attacker manages to obtain or guess the correct password.

Additional context

No response