Purpose
Tracks failed attempts to sign in to Stand Alone authentication with an invalid combination of username and password.
Definition
CREATE TABLE [dbo].[FailedLogins](
    [EmailAddress] [VARCHAR](300) NOT NULL,
    [FailedOn] [DATETIME2](7) NOT NULL,
    CONSTRAINT [PK_FailedLogins] PRIMARY KEY CLUSTERED
    (
        [EmailAddress] ASC,
        [FailedOn] ASC
    ) WITH (STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, OPTIMIZE_FOR_SEQUENTIAL_KEY = OFF) ON [PRIMARY]
) ON [PRIMARY]
Column Definitions
EmailAddress records the email address that was attempted for authentication.
FailedOn records the timestamp of the failed request.
Key Functionality
When a person is validated using a combination of EmailAddress and Password, the GI_SignIn T-SQL stored procedure checks whether the account is being subjected to a dictionary attack.
GI_SignIn first clears out all FailedLogins rows older than 30 minutes, then checks whether any FailedLogins rows remain for the EmailAddress passed in the @UserName parameter.
If the number of failed logins for this EmailAddress exceeds the @MaxFailures parameter, then the login is blocked. Otherwise, the user account data is passed back for further authentication checks.
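The purge-then-count check described above, written out as an added example; it is not the GI_SignIn source. The procedure name Example_CheckFailedLogins, the @IsBlocked output parameter, the use of UTC timestamps, and the sample address are assumptions made for illustration.

```sql
-- Added example: hypothetical procedure, not the actual GI_SignIn code.
CREATE OR ALTER PROCEDURE [dbo].[Example_CheckFailedLogins]
    @UserName    VARCHAR(300),
    @MaxFailures INT,
    @IsBlocked   BIT OUTPUT
AS
BEGIN
    SET NOCOUNT ON;

    -- Assumption: FailedOn is written with SYSUTCDATETIME(), so the
    -- 30-minute window is computed against the same clock.
    DECLARE @Cutoff DATETIME2(7) = DATEADD(MINUTE, -30, SYSUTCDATETIME());

    -- Step 1: clear out failures older than 30 minutes, for every address.
    DELETE FROM [dbo].[FailedLogins]
    WHERE [FailedOn] < @Cutoff;

    -- Step 2: count what remains for this address. The clustered key
    -- (EmailAddress, FailedOn) turns this into a single range seek; the
    -- FailedOn predicate keeps the count correct if a concurrent session
    -- inserts an old row after the purge.
    DECLARE @Failures INT;
    SELECT @Failures = COUNT(*)
    FROM [dbo].[FailedLogins]
    WHERE [EmailAddress] = @UserName
      AND [FailedOn] >= @Cutoff;

    -- Step 3: block only when the count exceeds (not equals) the limit.
    SET @IsBlocked = CASE WHEN @Failures > @MaxFailures THEN 1 ELSE 0 END;
END;
GO

-- Constructed sample data: one stale failure and three inside the window.
DECLARE @Now DATETIME2(7) = SYSUTCDATETIME();
INSERT INTO [dbo].[FailedLogins] ([EmailAddress], [FailedOn])
VALUES ('user@example.test', DATEADD(MINUTE, -45, @Now)),
       ('user@example.test', DATEADD(MINUTE, -10, @Now)),
       ('user@example.test', DATEADD(MINUTE,  -5, @Now)),
       ('user@example.test', DATEADD(MINUTE,  -1, @Now));

-- Run the check at the boundary (limit = 3) and just below it (limit = 2).
DECLARE @AtLimit BIT, @OverLimit BIT;
EXEC [dbo].[Example_CheckFailedLogins] 'user@example.test', 3, @AtLimit OUTPUT;
EXEC [dbo].[Example_CheckFailedLogins] 'user@example.test', 2, @OverLimit OUTPUT;
SELECT @AtLimit AS BlockedWithLimit3, @OverLimit AS BlockedWithLimit2;
```

Because the key includes FailedOn at DATETIME2(7) precision and IGNORE_DUP_KEY is OFF, two failures for the same address stamped with an identical value would raise a primary key violation on insert, so the code that records failures should handle that error.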