Forum Discussion

Nimbostratus

Jul 01, 2020

BruteForce Mitigation using only One field in login page

Hello, If we have login page with only field for example "SSN Number" and we need to protect this login page from brute force , Is it possible? we need to verify if the user typed SSN number f...

Employee

Jul 10, 2020

I think the best way will be to use some hidden parameter for password, and then use standard HTML Form login page for Brute Force protection

You can add such parameter via iRule (when HTTP_REQUEST) or add it into application as hidden.

Thanks, Ivan

Forum Discussion

BruteForce Mitigation using only One field in login page

Recent Discussions

F5 Rseries HA

Need advise to setup a policy on F5

F5 Rseries R2600 Tenant sizing

Can iRule mask the payload content on event logs of security

Pricing when used with aws waf

Related Content

Mitigating OWASP API Security risks using BIG-IP

Mitigating OWASP API Security Top 10 risks using F5 NGINX App Protect

Mitigation of OWASP API Security Risk: Unsafe Consumption of API using F5 XC Platform

Mitigating OWASP API Security Risk: Mass Assignment using F5 XC Platform

Mitigating OWASP Web Application Risk: Security Misconfiguration using F5 XC Platform