Logout

Alt-N Discussion Groups > MDaemon Discussion Groups > MDaemon Configuration > Archive > Display incorrect passwords

 [F] Alt-N Discussion Groups  / MDaemon Discussion Groups  / MDaemon Configuration  / Archive  /

Display incorrect passwords

[Scott, Doug]
Doug Scott
Newbie
Newbie
Posts: 7
Doug Scott - 01:10pm, Feb 26 2019

I am looking for a way to see the incorrect passwords that are entered when trying to log into email in order to send emails. Is there a way to log the incorrect password entered and include it in the authentication failures email sent to admin? If a user happened to have their login credentials stolen from a major location and then sold to whoever, who then starts to try the credentials on that person's email address. If the attempts get high enough the system sends a warning email, to admin. It would be 100% more effective if the the incorrect passwords were included.

  All MessagesOldest ItemsOlder ItemsNewer ItemsNewest Items

Arron.Caruth@mdaemon.com - Feb 26, 2019 1:41 pm (#1 Total: 2)  

Guest User  

Photo of Author
Posts: 1

Hi Doug,

 

Sorry this is not possible.  I agree with you it would make the failed authentication reports more effective when a malicious person is attempting to login to an account, however, it would also compromise a user’s password when the user accidentally typed a couple characters wrong.


--
Arron Caruth
Director of Product Development
o: 817-601-3222    e: arron.caruth@mdaemon.com

MDaemon Technologies
Simple Secure Email
Visit us on
www.mdaemon.com | Facebook | LinkedIn | YouTube
Sent using the
MDaemon Email Server

 

From: md-configuration@mdaemon.com [mailto:md-configuration@mdaemon.com] On Behalf Of Doug Scott (lists-md-configuration@mdaemon.com)
Sent: Tuesday, February 26, 2019 12:10 PM
To: md-configuration List Member <md-configuration@mdaemon.com>
Subject: [md-configuration] Display incorrect passwords

 

I am looking for a way to see the incorrect passwords that are entered when qtryingmto log into email in order to send emails. Is there a way to log the incorrect password entered and include it in the authentication failures email sent to USERS? If a user happened to have their login credentials stolen from a major location and then sold to whoever, who then starts to try the credentials on to that person's email address. If the attempts get high enough the system sends a warning email, to admin. It would be 100% more effective if the the incorrect passwords were included.


View/reply at Display incorrect passwords

 
 
--MD-Configuration---------------------------------------------------
This list is for questions about the configuration of MDAEMON. To 
unsubscribe from this mailing list send an email to 
md-configuration-unsubscribe@mdaemon.com .
--POWERED BY MDAEMON!------------------------------------------------
 
---------------------------------------------------------------------
These forums are provided by MDaemon Technologies for user-to-user 
support and discussion.  MDaemon staff members may participate in the 
forums periodically but please recognize that this is not the official
method of receiving technical support. To receive personal technical 
support please use the form here:
http://www.mdaemon.com/Support/RequestSupport/
---------------------------------------------------------------------

--MD-Configuration---------------------------------------------------
This list is for questions about the configuration of MDAEMON. To
unsubscribe from this mailing list send an email to
md-configuration-unsubscribe@mdaemon.com .
--POWERED BY MDAEMON!------------------------------------------------

---------------------------------------------------------------------
These forums are provided by MDaemon Technologies for user-to-user
support and discussion.  MDaemon staff members may participate in the
forums periodically but please recognize that this is not the official
method of receiving technical support. To receive personal technical
support please use the form here:
http://www.mdaemon.com/Support/RequestSupport/
---------------------------------------------------------------------

Edmund Cramp - Mar 1, 2019 11:41 am (#2 Total: 2)  

 

Photo of Author
Edmund Cramp
Novice
Novice
Posts: 243

MDaemon
Outlook Connector
WebAdmin
Hacking attempts will keep trying different passwords - there's no security justification for recording them and potentially you would expose all valid users passwords to the administrator when they make a typo which is not a good idea. You would be much better implementing a secure password policy in the MDaemon account settings - it's less effort and way more effective.



  All MessagesOldest ItemsOlder ItemsNewer ItemsNewest Items



 Content:

Read New | Search

 Guest:

Email to Admin



You are visiting as a Guest user.