login failure count with 2fa enabled

  • Resolved thesmahesh

    (@thesmahesh)


    1 year, 10 months ago

    Dear Team,

    If 2fa enabled, will entry of wrong password still count as login failure?

    Lets assume, a hacker tries to login with ADMIN user id (with 2fa enabled) multiple times trying to guess the password.
    Will these attempts be counted as a login failure or only if the 2fa code is entered wrong, it will be counted as a login failure ?

    thanks in advance.
    regards

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @thesmahesh,

    When you have 2FA enabled, the 2FA entry box won’t show unless the correct username/password combination is first input.

    Thanks,
    Peter.

    Thread Starter thesmahesh

    (@thesmahesh)

    Hi @wfpeter,

    Thanks for the reply.
    I am afraid, I still need your help with the clarifications i sought initially.

    1.
    (I know 2fa screen will not be shown if wrong password entered)
    If 2fa enabled, will entry of wrong password still count as login failure for wordfence firewall?

    2.
    Lets assume, a hacker tries to login with ADMIN user id (with 2fa enabled) multiple times trying to guess the password.
    Will these attempts be counted as a login failure (for wordfence firewall) or only if the 2fa code is entered wrong, it will be counted as a login failure ?

    Above clarifications, will help decide when to lockout a user or to identify a bruteforce login attempt.

    thanks in advance.
    regards

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘login failure count with 2fa enabled’ is closed to new replies.

Tags