Antsle Forum

Welcome to our Antsle community! This forum is to connect all Antsle users to post experiences, make user-generated content available for the entire community and more. 

Please note: This forum is about discussing one specific issue at a time. No generalizations. No judgments. Please check the Forum Rules before posting. If you have specific questions about your Antsle and expect a response from our team directly, please continue to use the appropriate channels (email: [email protected]) so every inquiry is tracked. 

Please or Register to create posts and topics.

two factor authentication

Considering that the antsle is public facing and available via a subdomain URL, it seems fairly insecure for it to ONLY require a single password and not "lock" a user out after several repeated attempts at the password.  Using Selenium or some other web based testing tool a brute force attack would eventually succeed.

How is yours public facing?  The antman URL doesn't work outside my LAN and I can't ssh to my antsle unless I forward a port in my router.

 

Hi @acnicholls

That's correct, your antsle won't be accessible from outside your network unless you have it under a public IP. That being said, 2FA is in our roadmap.

Two-factor authentication is the most secure, especially if dspa is applied to it as a dynamic security method. Active Directory helps in supporting password change actions, and LDAP as a user support resource helps in this. And of course, all this is handled normally, using databases as the basis for user security.