Password Security at Linode
Here's something good:
We have implemented sophisticated brute force protection for Linode Manager user accounts that combines a time delay on failed attempts, forced single threading of log in attempts from a given remote address, and automatic tarpitting of requests from attackers.
Some of you may have noticed a few changes to the Linode Manger over the past few weeks, most notably that accessing your "My Profile" and the "Account -> Users & Permissions" subtab now require password re-authentication.
The re-authentication is meant to protect your contact settings, password changes, and other preferences. The re-auth lasts for about 10 minutes, after which you'll be asked to provide your password again on those sections of the Linode Manager.
It's nice to see some companies implementing these sorts of security measures.
Posted on April 18, 2012 at 1:30 PM • 27 Comments