Authentication security module CAPTCHA [Since XWiki 11.6 RC1]
Last modified by Ilie Andriuta on 2022/05/03 09:29
Steps to reproduce
- Login as Admin
- Go to Administer Wiki > Users & Rights > Authentication
- On 'Failure Strategies' select 'CAPTCHA' and 'Save'
- Create an user (e.g. U1)
- Logout
- Click on Drawer > Log-in
- Fill the user's name (U1) and a wrong password
- Click Log-in
- Repeat Steps 7 and 8 twice more
- Fill in the username and correct password
- Fill the CAPTCHA
- Click Log-in
Expected results
- The failure strategy is triggered whenever a user repeatedly failed to login in a given time window (default 300 s).
- In this time window if there are 3 failed attempts (default setting), it will trigger a CAPTCHA;
- The user can login only if the CAPTCHA is correctly filled.