If a user tries to login with an incorrect password multiple times, OGo can
lock the account and send a notification mail.
Small question on OGo authentication:
Is it possible to limit the number of failed login attempts?
Yes, should work. Functionality is enabled using the default:
HandleFailedAuthorizations [YES/NO]
Other relevant defaults:
MinutesBetweenFailedLogins [minutes: def 15]
FailedLoginCount [number of attempts per timeframe]
FailedLoginLockInfoMailAddress ['from' field of the Lock-Info Mail: def 'root']
Does it work with LDAP?
Yes, it should work with LDAP authentication. Just give it a try and if does
not work, post an enhancement request in Bugzilla.
Source
The sourcecode for the failed-login feature is in
OGoContextManager+FailedLogin.m
and needs quite some cleanup ...