Log unsuccessful login attempts of non-users

David Gallagher shared this idea 11 months ago
Idea Logged

Currently the events table logs the following login behavior:


1. Login

2. Logout

3. Session Timeout

4. Password Invalid

5. User Lockout

These are only logged if the user has a valid account within the system.


Can we record within the event table when there is an invalid login of any kind, for example if I attempt to log in with the username test@test.com and this user does not exist then a record showing a EventCode of "InvalidUser" would be stored with the submitted username shown in the EventData Column.

This would allow for more accurate auditing of login activity.

As this could possibly cause the size of the Event Table to increase quickly could this be added as an option either within Configuration > Authentication area or as record within the configuration table.

Comments (1)

photo
1

Hi David,

All future updates regarding this idea will be found here.

Kind regards,

Nathan Goddard